Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-05-2016
Ran by gabi (administrator) on GABI-PC (24-05-2016 11:39:10)
Running from C:\Users\gabi\Desktop
Loaded Profiles: gabi (Available Profiles: gabi)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Users\gabi\AppData\Local\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-07-08] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5889824 2015-07-28] (IObit)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Run: [Google Update] => C:\Users\gabi\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2019616 2016-01-11] (IObit)
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-05-17] (Google)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll [2011-05-25] (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyServer: [S-1-5-21-4097007782-1966444928-4019047729-1000] => :0
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.facebook.com/
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188} URL =
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> buffer URL =
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> firmy.cz-020302 URL = hxxp://www.firmy.cz/phr/{searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> mapy.cz-020302 URL = hxxp://www.mapy.cz/?sourceid=quicksearch_6826& ... earchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> seznam.cz-020302 URL = hxxp://searchou.com/?q={searchTerms}&id=838fbb60000000000000f46d04641d3c&r=664
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> seznam.cz-091952 URL = hxxp://search.seznam.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> videa.seznam.cz-181817 URL = hxxp://videa.seznam.cz/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> zbozi.cz-020302 URL = hxxp://www.zbozi.cz/?sourceid=quicksearch_6826&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> {180780f0-b348-4b44-8210-94a8f3ee15b2} URL = hxxp://search.comcast.net/search/?cat=Web&con=toolbar&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> {BDF61FAE-9D19-40F0-8F34-688DEB334CA9} URL = hxxp://securedsearch.lavasoft.com/results.php?pr=vmn&id=webcompa&ent=ch_WCYID10140_cnet_150509&q={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-04-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-03-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-03-18] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Toolbar: HKU\S-1-5-21-4097007782-1966444928-4019047729-1000 -> No Name - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-04-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default
FF NewTab: hxxps://www.facebook.com/
FF DefaultSearchEngine: Google Default
FF DefaultSearchEngine,S:
FF SearchEngineOrder.1:
FF SearchEngineOrder.1,S:
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF SelectedSearchEngine,S:
FF Homepage: hxxps://www.facebook.com/
FF Session Restore: -> is enabled.
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.http_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.no_proxies_on", "localhost, 127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.share_proxy_settings", false);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.socks_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.ssl_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.disabled.network.proxy.type", 5);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http", "127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.http_port", 8888);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.no_proxies_on", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.share_proxy_settings", false);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks", "");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.socks_port", 0);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl", "127.0.0.1");
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.ssl_port", 8888);
FF NetworkProxy: "user_pref("extensions.charles.settings.enabled.network.proxy.type", 1);
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-21] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-06-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-06-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-04-25] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-05-19] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-05-19] (NVIDIA Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2014-11-05] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4097007782-1966444928-4019047729-1000: @tools.google.com/Google Update;version=3 -> C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-4097007782-1966444928-4019047729-1000: @tools.google.com/Google Update;version=9 -> C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF user.js: detected! => C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\user.js [2015-11-29]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml [2015-05-09]
FF SearchPlugin: C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml [2015-12-10]
FF SearchPlugin: C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml [2015-05-09]
FF SearchPlugin: C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml [2015-05-09]
FF Extension: Empty Cache Button - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f} [2016-04-28]
FF Extension: Search By Image (by Google) - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2016-04-28]
FF Extension: Greasemonkey - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-04-30]
FF Extension: saveensharie - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\8fa6m-h@iiyiyeeiyi.com [2013-09-13] [not signed]
FF Extension: Bing Search Engine - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\bingsearch.full@microsoft.com [2015-04-02] [not signed]
FF Extension: MyWordTool - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\emily@wilford.biz [2013-11-24] [not signed]
FF Extension: HTML5 Video Everywhere! - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\html5-video-everywhere@lejenome.me.xpi [2016-01-06]
FF Extension: User Agent RG (FFox update) - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\useragentrg-upd@mozilla.org.xpi [2016-04-27]
FF Extension: Charles Autoconfiguration - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi [2015-03-22] [not signed]
FF Extension: YouTube Flash Video Player - C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2016-05-03]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-04-29]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\...\Firefox\Extensions: [{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}] - C:\Program Files (x86)\LyriXeeker\130.xpi => not found
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2013-06-20] <==== ATTENTION
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24]
CHR HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\gabi\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-04]
CHR HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cgdebfobecnopjndjbdoapgokdjfffpj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [hahpjplbmicfkmoccokbjejahjjpnena] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]
CHR HKLM-x32\...\Chrome\Extension: [oddhjgogndegicgabhgibhfoompkifcn] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
StartMenuInternet: Google Chrome - C:\Users\gabi\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [446240 2016-01-05] (IObit)
S3 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [922240 2011-06-13] ()
S3 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
S3 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-01] ()
S3 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1353720 2015-07-08] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-07-17] (IObit)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3020440 2015-11-25] (Intel(R) Corporation)
S3 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-14] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-19] (Electronic Arts)
S3 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-16] (Sony Corporation)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [878904 2016-05-16] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-05-16] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-05-16] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
S3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-08-18] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [255240 2015-07-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178520 2015-07-14] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [231520 2015-07-14] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [72400 2015-07-14] (ESET)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-06-23] (GFI Software)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-16] (REALiX(tm))
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-24] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [242688 2015-07-05] (QUALCOMM Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
S3 TuneUpUtilitiesDrv; no ImagePath
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 ZTEusbMB; C:\Windows\System32\DRIVERS\ZTEusbnmeaext2.sys [123520 2010-12-29] (ZTE Incorporated)
S3 ZTEusbwwan; C:\Windows\System32\DRIVERS\ZTEusbwwan.sys [235008 2011-04-09] (ZTE Incorporated)
S3 avchv; system32\DRIVERS\avchv.sys [X]
S3 cpuz137; \??\C:\Users\gabi\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-24 11:39 - 2016-05-24 11:39 - 00031048 _____ C:\Users\gabi\Desktop\FRST.txt
2016-05-24 11:39 - 2016-05-24 11:39 - 00000000 ____D C:\FRST
2016-05-24 11:37 - 2016-05-24 11:37 - 02383360 _____ (Farbar) C:\Users\gabi\Desktop\FRST64.exe
2016-05-24 10:43 - 2016-05-24 10:43 - 00000263 _____ C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
2016-05-23 16:39 - 2016-05-23 16:40 - 292445609 _____ C:\Users\gabi\Downloads\MLUVENÉ SLOVO - Simenon, Georges_ Přístav v mlze (DETEKTIVKA).mp4
2016-05-23 14:17 - 2016-05-23 14:17 - 00001188 _____ C:\Users\gabi\Documents\cc_20160523_141706.reg
2016-05-23 12:34 - 2016-05-19 21:45 - 00113208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-05-23 12:32 - 2016-05-21 17:10 - 01581624 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2016-05-23 12:32 - 2016-05-21 17:10 - 00141256 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2016-05-23 12:32 - 2016-05-21 17:10 - 00046024 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 39979576 _____ C:\Windows\system32\nvcompiler.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 35117112 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 31600696 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 25372096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 21794064 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 21336720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 19110968 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 18138232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 17732936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 17236560 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 13412408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-05-23 12:32 - 2016-05-20 03:01 - 10642728 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 08733096 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 03447232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 03001792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436822.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436822.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00984512 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00911416 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00770496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00708032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00669952 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00476848 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00177952 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00153232 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00131584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-05-23 12:32 - 2016-05-20 03:01 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-05-23 12:32 - 2016-05-20 03:01 - 00000594 _____ C:\Windows\system32\nv-vk64.json
2016-05-23 11:07 - 2016-05-23 11:07 - 00000209 _____ C:\Users\gabi\Desktop\WeTransfer.URL
2016-05-23 08:46 - 2016-05-23 08:46 - 00444656 _____ (ASMedia Technology Inc) C:\Windows\system32\Drivers\asmtxhci.sys
2016-05-23 08:44 - 2016-05-23 08:44 - 00003130 _____ C:\Windows\System32\Tasks\SmartDefrag_Startup
2016-05-23 08:44 - 2016-05-23 08:44 - 00003128 _____ C:\Windows\System32\Tasks\SmartDefrag_Update
2016-05-23 08:44 - 2016-05-23 08:44 - 00000000 ____D C:\Windows\IObit
2016-05-23 08:44 - 2016-05-23 08:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
2016-05-23 02:24 - 2016-05-23 02:24 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-05-23 02:24 - 2016-05-23 02:24 - 00001151 _____ C:\ProgramData\Desktop\Mozilla Firefox.lnk
2016-05-23 00:31 - 2016-05-24 02:01 - 00000000 ____D C:\Users\gabi\Downloads\Mluvene knihy
2016-05-22 23:43 - 2016-05-22 23:43 - 00001654 _____ C:\Users\gabi\Documents\cc_20160522_234339.reg
2016-05-21 19:34 - 2016-05-24 11:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-21 19:34 - 2016-05-23 09:18 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-21 19:34 - 2016-05-23 09:18 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-21 19:34 - 2016-05-23 09:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-20 09:35 - 2016-05-20 09:35 - 00000251 _____ C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
2016-05-17 09:40 - 2016-05-17 09:40 - 00000224 _____ C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
2016-05-15 16:45 - 2016-05-15 16:45 - 00000228 _____ C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
2016-05-15 12:28 - 2016-05-15 12:28 - 00000292 _____ C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
2016-05-13 12:21 - 2016-05-10 00:07 - 01922496 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436519.dll
2016-05-13 12:21 - 2016-05-10 00:07 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436519.dll
2016-05-13 12:18 - 2016-04-14 01:38 - 00113216 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-05-13 12:18 - 2016-04-14 01:38 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-05-13 12:18 - 2016-04-14 01:38 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-05-13 10:28 - 2016-05-13 15:08 - 711588193 _____ C:\Users\gabi\Downloads\Linka.c.657.720p.BluRay.x264.CZ.dabing.mkv
2016-05-13 07:32 - 2016-05-13 08:16 - 791111680 _____ C:\Users\gabi\Downloads\Poldove-a-zlodeji.avi
2016-05-08 16:34 - 2016-05-08 17:26 - 933451776 _____ C:\Users\gabi\Downloads\Navrat-blbyho-a-blbejsiho-Komedie-2014-CZ-adriatic.avi
2016-05-08 00:56 - 2016-05-08 00:56 - 00011802 _____ C:\Users\gabi\Documents\Filip 10.txt
2016-05-07 11:34 - 2016-05-08 01:18 - 1712567876 _____ C:\Users\gabi\Downloads\Terminator.Genisys.2015.BluRay.1080p.TrueHD.7.1.Atmos.x264-EPiC.mkv
2016-05-06 21:49 - 2016-05-06 22:30 - 728084652 _____ C:\Users\gabi\Downloads\Vo-štvorici-po-opici-2-Komedie-2011-CZ-adriatic.avi
2016-05-06 12:03 - 2016-05-06 12:44 - 738929644 _____ C:\Users\gabi\Downloads\Viktor-Frankenstein---2015-CZ-dabing.avi
2016-05-05 17:35 - 2016-05-05 18:52 - 1378323908 _____ C:\Users\gabi\Downloads\S-láskou,-Rosie-(komedie,romantic.-2014)cz---IRISA.avi
2016-05-05 15:25 - 2016-05-05 16:31 - 1182362666 _____ C:\Users\gabi\Downloads\Pád-Země-(2015)-Xvid-⍟ℋ.avi
2016-05-03 22:23 - 2016-05-03 22:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1-1-0-11-1.dll
2016-05-03 22:22 - 2016-05-03 22:22 - 00130848 _____ C:\Windows\system32\vulkan-1-1-0-11-1.dll
2016-05-03 22:22 - 2016-05-03 22:22 - 00045344 _____ C:\Windows\system32\vulkaninfo-1-1-0-11-1.exe
2016-05-03 22:22 - 2016-05-03 22:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-11-1.exe
2016-05-02 21:25 - 2016-05-02 22:40 - 1299148676 _____ C:\Users\gabi\Downloads\Každý-milion-dobrý-Xvid-⍟ℋ.avi
2016-05-02 02:34 - 2016-05-02 02:34 - 00000308 _____ C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
2016-05-02 00:35 - 2016-05-02 02:13 - 1762451456 _____ C:\Users\gabi\Downloads\Padesatka.2015.XviD.CZ.avi
2016-05-01 18:38 - 2016-05-01 20:20 - 1789501440 _____ C:\Users\gabi\Downloads\Superhypochondr-2014-Cz-dab..avi
2016-04-30 22:11 - 2016-04-30 23:04 - 762460160 _____ C:\Users\gabi\Downloads\Lucy-DVDRip_2014_CZ_Dab.avi
2016-04-30 15:00 - 2016-04-30 15:43 - 786511872 _____ C:\Users\gabi\Downloads\Mercy-(2014)-CZ-dabing.avi
2016-04-30 12:41 - 2016-04-30 13:31 - 891371520 _____ C:\Users\gabi\Downloads\Moje-segra-ma-prima-brachu-DVDRip_2014_CZ_Dabing.avi
2016-04-28 02:24 - 2016-04-28 02:24 - 00000742 _____ C:\Users\gabi\Documents\Kvasek.txt
2016-04-27 20:52 - 2016-04-27 21:41 - 734988288 _____ C:\Users\gabi\Downloads\The-Gambler-DVDRip_2015_Cz-Dabing.avi
2016-04-24 09:00 - 2016-04-24 10:59 - 00000000 ____D C:\Users\gabi\Downloads\Nová složka
2016-04-24 00:08 - 2016-04-24 00:08 - 00000842 _____ C:\Users\gabi\Documents\cc_20160424_000823.reg
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-24 11:36 - 2015-05-16 15:46 - 00002870 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (gabi)
2016-05-24 11:34 - 2015-06-18 16:31 - 00000000 ____D C:\Users\gabi\Desktop\Cisteni a optimalizace
2016-05-24 11:33 - 2015-06-02 19:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-24 11:33 - 2015-05-16 15:44 - 00000000 ____D C:\ProgramData\ProductData
2016-05-24 11:33 - 2014-06-17 14:34 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
2016-05-24 11:33 - 2012-03-11 22:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-24 11:33 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-24 11:32 - 2009-07-14 00:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-24 11:32 - 2009-07-14 00:45 - 00017296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-24 10:33 - 2013-07-22 09:06 - 00000386 _____ C:\Windows\Tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
2016-05-24 02:58 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-05-23 20:29 - 2013-01-29 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-05-23 14:21 - 2012-03-14 00:55 - 13005042 _____ C:\Windows\system32\perfh005.dat
2016-05-23 14:21 - 2012-03-14 00:55 - 04364684 _____ C:\Windows\system32\perfc005.dat
2016-05-23 14:21 - 2009-07-14 01:13 - 09048678 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-23 12:34 - 2016-03-10 14:31 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-05-23 12:34 - 2014-02-05 23:38 - 00000000 ____D C:\temp
2016-05-23 12:34 - 2013-01-06 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-23 12:34 - 2012-03-11 22:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-23 11:12 - 2016-04-13 15:41 - 00000000 ____D C:\Program Files\TrueKey
2016-05-23 11:12 - 2015-05-16 14:00 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
2016-05-23 11:12 - 2015-02-04 09:25 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
2016-05-23 11:12 - 2015-02-03 17:53 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
2016-05-23 11:12 - 2014-06-17 14:34 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
2016-05-23 11:12 - 2014-06-17 09:49 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
2016-05-23 11:12 - 2014-06-17 09:49 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
2016-05-23 11:12 - 2012-12-22 12:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-23 08:44 - 2015-11-29 12:45 - 00003238 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2016-05-23 08:44 - 2015-11-29 12:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-05-23 08:44 - 2015-05-16 15:43 - 00000000 ____D C:\Users\gabi\AppData\Roaming\IObit
2016-05-23 08:44 - 2015-05-16 15:43 - 00000000 ____D C:\Program Files (x86)\IObit
2016-05-23 02:24 - 2013-04-11 14:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-23 02:24 - 2012-12-22 12:37 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-23 00:33 - 2016-04-19 12:09 - 00000000 ____D C:\Users\gabi\Downloads\Knihy
2016-05-22 23:44 - 2015-05-16 15:44 - 00002900 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_gabi
2016-05-22 23:43 - 2014-04-13 00:50 - 00000000 ____D C:\Users\gabi\AppData\Local\CrashDumps
2016-05-22 01:47 - 2016-01-06 10:41 - 00000000 ____D C:\Users\gabi\Desktop\Babske rady
2016-05-21 21:33 - 2016-04-13 15:50 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-05-21 19:45 - 2015-05-16 14:00 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2
2016-05-21 19:45 - 2015-02-04 09:25 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26
2016-05-21 19:45 - 2015-02-03 17:53 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca
2016-05-21 19:45 - 2014-06-17 14:34 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e
2016-05-21 19:45 - 2014-06-17 09:49 - 00003884 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d
2016-05-21 19:45 - 2014-06-17 09:49 - 00003488 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9
2016-05-21 19:44 - 2016-04-13 15:50 - 00003330 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2016-05-21 19:34 - 2014-09-02 18:00 - 00000000 ____D C:\Users\gabi\AppData\Local\Adobe
2016-05-21 14:39 - 2015-09-06 21:09 - 00000000 ____D C:\Users\gabi\Desktop\Vareni
2016-05-20 23:54 - 2015-08-22 14:15 - 00000000 ____D C:\Users\gabi\Desktop\Ruzne
2016-05-20 03:01 - 2016-03-01 14:12 - 16693208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-05-20 03:01 - 2015-12-01 12:21 - 00039124 _____ C:\Windows\system32\nvinfo.pb
2016-05-20 03:01 - 2013-02-26 00:32 - 14293592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-05-20 03:01 - 2013-02-26 00:32 - 03383448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-05-20 03:01 - 2012-03-11 22:46 - 03825384 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-05-19 22:11 - 2015-12-21 12:51 - 00531904 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-05-19 22:11 - 2015-12-21 12:51 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-05-19 22:11 - 2013-01-06 13:08 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-05-19 22:11 - 2012-03-11 22:47 - 06346688 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-05-19 22:11 - 2012-03-11 22:47 - 02454976 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-05-19 22:11 - 2012-03-11 22:47 - 01352760 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-05-19 22:11 - 2012-03-11 22:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-05-19 22:11 - 2012-03-11 22:47 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-05-19 21:33 - 2016-04-13 15:41 - 00000000 ____D C:\ProgramData\McAfee
2016-05-18 21:25 - 2014-03-22 10:17 - 00000000 ___RD C:\Users\gabi\Desktop\FOTKY
2016-05-18 19:25 - 2012-03-11 22:47 - 06448223 _____ C:\Windows\system32\nvcoproc.bin
2016-05-17 23:25 - 2016-03-03 12:56 - 00000000 ____D C:\Users\gabi\Downloads\Aplikace a programy
2016-05-16 22:59 - 2013-11-09 00:32 - 00000000 ____D C:\Users\gabi\Desktop\Stranky
2016-05-13 12:22 - 2012-03-11 22:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-05-13 12:18 - 2013-12-06 08:04 - 00000000 ____D C:\Users\gabi\AppData\Local\NVIDIA
2016-05-12 18:46 - 2012-03-14 14:16 - 00002370 _____ C:\Users\gabi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-10 18:05 - 2014-06-17 14:34 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a
2016-05-09 20:50 - 2015-10-11 22:43 - 00000000 ____D C:\Users\gabi\Desktop\Nove do simsu
2016-05-08 14:17 - 2013-02-22 11:01 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2016-05-08 00:57 - 2016-02-12 18:52 - 00000659 _____ C:\Users\gabi\Documents\Kody na kafe.txt
2016-05-07 12:34 - 2016-03-03 12:55 - 00000000 ____D C:\Users\gabi\Downloads\Filmy
2016-05-06 23:58 - 2015-07-27 01:51 - 00000000 ____D C:\Users\gabi\Desktop\Rucni prace a navody
2016-05-06 00:59 - 2014-11-22 19:06 - 00000000 ____D C:\Users\gabi\Desktop\Ryby
2016-05-05 16:24 - 2012-04-03 15:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-04 15:02 - 2015-04-25 06:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-04 15:02 - 2015-04-25 06:52 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-04 00:45 - 2015-06-20 12:32 - 00000000 ____D C:\Users\gabi\Desktop\Obchody
2016-05-03 22:23 - 2016-03-10 14:31 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-05-03 22:22 - 2016-03-10 14:31 - 00130848 _____ C:\Windows\system32\vulkan-1.dll
2016-05-03 22:22 - 2016-03-10 14:31 - 00045344 _____ C:\Windows\system32\vulkaninfo.exe
2016-05-03 22:22 - 2016-03-10 14:31 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-05-02 12:14 - 2014-11-08 16:52 - 00000000 ____D C:\Users\gabi\Desktop\Moje vánoční kuchařka
2016-05-02 01:39 - 2015-09-23 09:09 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-05-02 01:39 - 2013-12-06 08:04 - 01377800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-05-02 01:38 - 2015-11-27 11:53 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-05-02 01:38 - 2015-09-23 09:09 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-05-02 01:38 - 2013-12-06 08:04 - 01767944 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
==================== Files in the root of some directories =======
2013-08-26 12:19 - 2013-09-17 01:19 - 0000114 _____ () C:\Users\gabi\AppData\Roaming\WB.CFG
2013-08-26 12:19 - 2013-09-17 01:19 - 0000005 _____ () C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
2015-04-07 05:49 - 2015-04-07 05:49 - 0000064 _____ () C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
2013-10-12 12:48 - 2013-11-23 15:46 - 0003584 _____ () C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-03-09 12:29 - 2013-03-09 12:29 - 0002661 _____ () C:\Users\gabi\AppData\Local\recently-used.xbel
2013-05-10 18:04 - 2013-05-16 01:35 - 0007611 _____ () C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
2013-04-07 18:17 - 2013-04-07 18:17 - 0000003 _____ () C:\Users\gabi\AppData\Local\updater.log
2013-04-07 18:17 - 2015-10-02 02:47 - 0000424 _____ () C:\Users\gabi\AppData\Local\UserProducts.xml
2014-12-24 19:54 - 2014-12-24 19:54 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-05-16 15:50 - 2015-05-16 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2013-07-02 18:57] - [2015-06-02 19:08] - 1008640 ____A (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2013-07-02 18:57] - [2015-06-02 19:08] - 0833024 ____A (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-18 03:58
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Nemam tuseni, instaloval to kamarad uz je to par let. Predpokladam ale ze je to v poradku.
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
OK. Udělejte náskedující sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Udelalo mi to jeden log. Davam ho sem, ale nezobrazuje se. Co delam spatne?
Re: Prosim o kontrolu logu
Aha uz to vidim, hlasi mi to, ze ten log je prilis dlouhy 
Re: Prosim o kontrolu logu
OTL logfile created on: 5/24/2016 6:10:46 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 12.96 Gb Available Physical Memory | 81.06% Memory free
31.96 Gb Paging File | 28.66 Gb Available in Paging File | 89.66% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 220.67 Gb Free Space | 49.36% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 188.67 Gb Free Space | 63.29% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/24 16:09:39 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 16:09:39 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/24 15:20:22 | 000,000,326 | ---- | M] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 14:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/24 13:51:50 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/24 10:43:20 | 000,000,263 | ---- | M] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 09:35:04 | 000,000,251 | ---- | M] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | M] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/24 15:20:22 | 000,000,326 | ---- | C] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 13:51:50 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 10:43:20 | 000,000,263 | ---- | C] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/20 09:35:04 | 000,000,251 | ---- | C] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | C] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/22 10:41:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\.MyCookBook
[2013/06/23 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ad-Aware Antivirus
[2015/07/29 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ashampoo
[2012/03/14 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ASUS WebStorage
[2015/02/27 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\CAD-KAS
[2013/04/13 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\calibre
[2012/03/15 15:15:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Charles
[2015/08/07 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Lite
[2012/03/14 02:01:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Pro
[2014/07/26 04:42:58 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DSite
[2013/02/04 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Easy Macro Recorder
[2013/12/07 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ERGOM
[2013/10/02 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ESET
[2014/11/22 12:31:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Free Picture Solutions
[2012/03/15 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\GA-Data
[2014/08/06 00:16:46 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IcoFX
[2016/05/23 08:44:35 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IObit
[2013/08/22 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IrfanView
[2013/12/08 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Kalendra
[2012/07/04 06:38:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Leadertech
[2013/08/26 11:22:30 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Mipony
[2012/03/14 15:17:03 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Opera
[2015/07/29 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Origin
[2014/10/24 03:41:51 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PearlMountain
[2013/03/09 13:57:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PhotoFiltre 7
[2015/05/23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ProductData
[2015/02/03 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SanDisk SecureAccess
[2013/02/22 19:28:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Scribus
[2013/05/07 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SecureSearch
[2013/04/10 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Seznam.cz
[2012/12/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\systweak
[2015/03/16 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TeamViewer
[2013/05/09 11:53:29 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TuneUp Software
[2013/11/24 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TV Online
[2014/02/11 07:16:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Unity
[2015/08/23 19:40:57 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Uschovna
[2015/06/18 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Visan
[2013/07/14 05:20:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\VitySoft
[2015/06/19 22:32:20 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Win7codecs
[2014/10/01 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Yandex
[2016/04/02 23:20:36 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Zoner
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 12.96 Gb Available Physical Memory | 81.06% Memory free
31.96 Gb Paging File | 28.66 Gb Available in Paging File | 89.66% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 220.67 Gb Free Space | 49.36% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 188.67 Gb Free Space | 63.29% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/24 16:09:39 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 16:09:39 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/24 15:20:22 | 000,000,326 | ---- | M] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 14:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/24 13:51:50 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/24 10:43:20 | 000,000,263 | ---- | M] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 09:35:04 | 000,000,251 | ---- | M] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | M] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/24 15:20:22 | 000,000,326 | ---- | C] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 13:51:50 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 10:43:20 | 000,000,263 | ---- | C] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/20 09:35:04 | 000,000,251 | ---- | C] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | C] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/22 10:41:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\.MyCookBook
[2013/06/23 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ad-Aware Antivirus
[2015/07/29 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ashampoo
[2012/03/14 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ASUS WebStorage
[2015/02/27 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\CAD-KAS
[2013/04/13 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\calibre
[2012/03/15 15:15:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Charles
[2015/08/07 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Lite
[2012/03/14 02:01:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Pro
[2014/07/26 04:42:58 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DSite
[2013/02/04 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Easy Macro Recorder
[2013/12/07 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ERGOM
[2013/10/02 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ESET
[2014/11/22 12:31:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Free Picture Solutions
[2012/03/15 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\GA-Data
[2014/08/06 00:16:46 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IcoFX
[2016/05/23 08:44:35 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IObit
[2013/08/22 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IrfanView
[2013/12/08 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Kalendra
[2012/07/04 06:38:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Leadertech
[2013/08/26 11:22:30 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Mipony
[2012/03/14 15:17:03 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Opera
[2015/07/29 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Origin
[2014/10/24 03:41:51 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PearlMountain
[2013/03/09 13:57:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PhotoFiltre 7
[2015/05/23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ProductData
[2015/02/03 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SanDisk SecureAccess
[2013/02/22 19:28:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Scribus
[2013/05/07 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SecureSearch
[2013/04/10 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Seznam.cz
[2012/12/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\systweak
[2015/03/16 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TeamViewer
[2013/05/09 11:53:29 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TuneUp Software
[2013/11/24 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TV Online
[2014/02/11 07:16:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Unity
[2015/08/23 19:40:57 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Uschovna
[2015/06/18 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Visan
[2013/07/14 05:20:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\VitySoft
[2015/06/19 22:32:20 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Win7codecs
[2014/10/01 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Yandex
[2016/04/02 23:20:36 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Zoner
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
Re: Prosim o kontrolu logu
OTL logfile created on: 5/24/2016 6:17:26 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 12.85 Gb Available Physical Memory | 80.41% Memory free
31.96 Gb Paging File | 28.47 Gb Available in Paging File | 89.06% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 220.52 Gb Free Space | 49.33% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 188.67 Gb Free Space | 63.29% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/24 18:13:49 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Google Update] C:\Users\gabi\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/24 18:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/24 18:13:49 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 15:20:22 | 000,000,326 | ---- | M] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 14:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/24 13:51:50 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/24 10:43:20 | 000,000,263 | ---- | M] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 09:35:04 | 000,000,251 | ---- | M] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | M] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/24 15:20:22 | 000,000,326 | ---- | C] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 13:51:50 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 10:43:20 | 000,000,263 | ---- | C] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/20 09:35:04 | 000,000,251 | ---- | C] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | C] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 12.85 Gb Available Physical Memory | 80.41% Memory free
31.96 Gb Paging File | 28.47 Gb Available in Paging File | 89.06% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 220.52 Gb Free Space | 49.33% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 188.67 Gb Free Space | 63.29% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/24 18:13:49 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.1
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Google Update] C:\Users\gabi\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/24 18:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/24 18:13:49 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 17:36:15 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 15:20:22 | 000,000,326 | ---- | M] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 14:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/24 13:51:50 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/24 10:43:20 | 000,000,263 | ---- | M] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 09:35:04 | 000,000,251 | ---- | M] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | M] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/24 15:20:22 | 000,000,326 | ---- | C] () -- C:\Users\gabi\Desktop\Svědectví o vraždění dětí při loveckých honech – CIA, elita, satanský kult, Austrálie, USA, Kanada, VB, Francie i Holandsko .URL
[2016/05/24 13:51:50 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\FLOUR TORTILLAS (Step-by-step recipe) - YouTube.URL
[2016/05/24 10:43:20 | 000,000,263 | ---- | C] () -- C:\Users\gabi\Desktop\ORGONIT, chemtrails a obrana před ovlivňováním lidí EZOpress.URL
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/20 09:35:04 | 000,000,251 | ---- | C] () -- C:\Users\gabi\Desktop\(103) II.Kat Rum Meyhanesi.URL
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/02 02:34:54 | 000,000,308 | ---- | C] () -- C:\Users\gabi\Desktop\Pokud někde uvidíte tohoto brouka, okamžitě běžte pryč. To, co s vámi totiž udělá, je děsivé!.URL
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Kde je druhý log?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Tak snad to ted bude dobre.
OTL logfile created on: 5/25/2016 1:15:59 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.37 Gb Available Physical Memory | 71.15% Memory free
31.96 Gb Paging File | 27.34 Gb Available in Paging File | 85.52% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.22 Gb Free Space | 49.04% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
OTL logfile created on: 5/25/2016 1:15:59 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.37 Gb Available Physical Memory | 71.15% Memory free
31.96 Gb Paging File | 27.34 Gb Available in Paging File | 85.52% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.22 Gb Free Space | 49.04% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
Re: Prosim o kontrolu logu
Je mi lito, ale me to dela dva naprosto stejne logy
Re: Prosim o kontrolu logu
Tak jsme to projela jeste jednou. Zkusila jsem po prvnim scanu to zavrit a na druhe otevreni zadat druhy. Tohle mi vybehlo. Snad to bude stacit.
OTL logfile created on: 5/25/2016 1:30:05 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.21 Gb Available Physical Memory | 70.13% Memory free
31.96 Gb Paging File | 27.13 Gb Available in Paging File | 84.87% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.02 Gb Free Space | 48.99% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/22 10:41:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\.MyCookBook
[2013/06/23 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ad-Aware Antivirus
[2015/07/29 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ashampoo
[2012/03/14 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ASUS WebStorage
[2015/02/27 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\CAD-KAS
[2013/04/13 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\calibre
[2012/03/15 15:15:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Charles
[2015/08/07 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Lite
[2012/03/14 02:01:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Pro
[2014/07/26 04:42:58 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DSite
[2013/02/04 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Easy Macro Recorder
[2013/12/07 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ERGOM
[2013/10/02 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ESET
[2014/11/22 12:31:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Free Picture Solutions
[2012/03/15 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\GA-Data
[2014/08/06 00:16:46 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IcoFX
[2016/05/23 08:44:35 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IObit
[2013/08/22 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IrfanView
[2013/12/08 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Kalendra
[2012/07/04 06:38:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Leadertech
[2013/08/26 11:22:30 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Mipony
[2012/03/14 15:17:03 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Opera
[2015/07/29 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Origin
[2014/10/24 03:41:51 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PearlMountain
[2013/03/09 13:57:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PhotoFiltre 7
[2015/05/23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ProductData
[2015/02/03 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SanDisk SecureAccess
[2013/02/22 19:28:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Scribus
[2013/05/07 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SecureSearch
[2013/04/10 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Seznam.cz
[2012/12/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\systweak
[2015/03/16 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TeamViewer
[2013/05/09 11:53:29 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TuneUp Software
[2013/11/24 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TV Online
[2014/02/11 07:16:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Unity
[2015/08/23 19:40:57 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Uschovna
[2015/06/18 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Visan
[2013/07/14 05:20:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\VitySoft
[2015/06/19 22:32:20 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Win7codecs
[2014/10/01 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Yandex
[2016/04/02 23:20:36 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Zoner
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
OTL logfile created on: 5/25/2016 1:30:05 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.21 Gb Available Physical Memory | 70.13% Memory free
31.96 Gb Paging File | 27.13 Gb Available in Paging File | 84.87% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.02 Gb Free Space | 48.99% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:06:18 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/02/22 10:41:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\.MyCookBook
[2013/06/23 01:13:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ad-Aware Antivirus
[2015/07/29 17:23:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Ashampoo
[2012/03/14 17:09:09 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ASUS WebStorage
[2015/02/27 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\CAD-KAS
[2013/04/13 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\calibre
[2012/03/15 15:15:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Charles
[2015/08/07 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Lite
[2012/03/14 02:01:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DAEMON Tools Pro
[2014/07/26 04:42:58 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\DSite
[2013/02/04 14:59:17 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Easy Macro Recorder
[2013/12/07 21:57:28 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ERGOM
[2013/10/02 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ESET
[2014/11/22 12:31:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Free Picture Solutions
[2012/03/15 17:44:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\GA-Data
[2014/08/06 00:16:46 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IcoFX
[2016/05/23 08:44:35 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IObit
[2013/08/22 13:18:08 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\IrfanView
[2013/12/08 18:34:04 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Kalendra
[2012/07/04 06:38:13 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Leadertech
[2013/08/26 11:22:30 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Mipony
[2012/03/14 15:17:03 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Opera
[2015/07/29 00:09:54 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Origin
[2014/10/24 03:41:51 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PearlMountain
[2013/03/09 13:57:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\PhotoFiltre 7
[2015/05/23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\ProductData
[2015/02/03 23:45:27 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SanDisk SecureAccess
[2013/02/22 19:28:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Scribus
[2013/05/07 21:21:23 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\SecureSearch
[2013/04/10 08:56:22 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Seznam.cz
[2012/12/19 15:14:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\systweak
[2015/03/16 21:53:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TeamViewer
[2013/05/09 11:53:29 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TuneUp Software
[2013/11/24 11:57:44 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\TV Online
[2014/02/11 07:16:16 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Unity
[2015/08/23 19:40:57 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Uschovna
[2015/06/18 16:55:06 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Visan
[2013/07/14 05:20:33 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\VitySoft
[2015/06/19 22:32:20 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Win7codecs
[2014/10/01 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Yandex
[2016/04/02 23:20:36 | 000,000,000 | ---D | M] -- C:\Users\gabi\AppData\Roaming\Zoner
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
Re: Prosim o kontrolu logu
A tohle je druhy
OTL logfile created on: 5/25/2016 1:34:41 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.12 Gb Available Physical Memory | 69.58% Memory free
31.96 Gb Paging File | 26.88 Gb Available in Paging File | 84.09% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.02 Gb Free Space | 48.99% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:36:17 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:36:17 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:20:44 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
OTL logfile created on: 5/25/2016 1:34:41 PM - Run 5
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 11.12 Gb Available Physical Memory | 69.58% Memory free
31.96 Gb Paging File | 26.88 Gb Available in Paging File | 84.09% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.02 Gb Free Space | 48.99% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
PRC - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
PRC - [2016/05/10 18:05:43 | 000,250,008 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
PRC - [2016/05/02 23:30:33 | 000,392,136 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2016/05/02 02:02:13 | 002,398,776 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
PRC - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
PRC - [2016/04/29 14:24:30 | 005,224,224 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
PRC - [2016/03/15 17:46:46 | 001,529,632 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
PRC - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2016/03/10 14:07:20 | 009,926,112 | ---- | M] (Malwarebytes) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2016/03/02 13:43:20 | 000,573,728 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
PRC - [2016/01/11 13:30:00 | 002,019,616 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
PRC - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
PRC - [2015/10/01 16:10:14 | 000,477,184 | ---- | M] (Skillbrains) -- C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
PRC - [2015/07/28 21:22:40 | 005,889,824 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2015/07/17 15:21:14 | 002,062,112 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
PRC - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2015/03/31 20:26:14 | 000,470,304 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\iFreeUp\iFreeUpMini.exe
PRC - [2014/12/23 14:22:38 | 000,833,240 | ---- | M] (ZONER software) -- C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
PRC - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
========== Modules (No Company Name) ==========
MOD - [2016/05/02 02:02:09 | 000,020,536 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2016/01/11 17:03:24 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\webres.dll
MOD - [2016/01/11 17:02:48 | 000,630,048 | ---- | M] () -- C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll
MOD - [2015/12/28 13:50:58 | 000,899,872 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
MOD - [2015/12/28 13:49:58 | 000,629,536 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
MOD - [2015/12/23 18:32:40 | 000,355,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madexcept_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\maddisAsm_.bpl
MOD - [2015/12/23 18:32:38 | 000,057,632 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\maddisAsm_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\IObit Uninstaller\madbasic_.bpl
MOD - [2015/12/23 18:32:36 | 000,190,240 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare\madbasic_.bpl
MOD - [2013/01/15 18:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madexcept_.bpl
MOD - [2013/01/15 18:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\maddisAsm_.bpl
MOD - [2013/01/15 18:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\iFreeUp\madbasic_.bpl
========== Services (SafeList) ==========
SRV:64bit: - [2016/05/16 15:36:52 | 000,086,864 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe -- (TrueKeyServiceHelper)
SRV:64bit: - [2016/05/16 15:30:30 | 000,015,736 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McTkSchedulerService.exe -- (TrueKeyScheduler)
SRV:64bit: - [2016/05/16 15:30:04 | 000,878,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe -- (TrueKey)
SRV:64bit: - [2016/05/02 01:58:46 | 001,165,368 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2016/05/02 01:55:38 | 002,522,680 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2016/05/02 01:55:33 | 003,634,232 | ---- | M] (NVIDIA Corporation) [On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe -- (NvStreamNetworkSvc)
SRV:64bit: - [2016/03/08 02:13:04 | 002,829,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2015/11/25 16:00:00 | 003,020,440 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BCA\pabeSvc64.exe -- (IntelBCAsvc)
SRV:64bit: - [2015/09/16 00:08:40 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015/07/08 15:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2015/05/25 19:37:49 | 001,254,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/04/29 23:52:38 | 000,238,080 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013/01/31 05:37:56 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/01/30 13:52:10 | 000,405,744 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2011/12/01 11:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2011/09/27 15:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2016/05/23 09:18:06 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/05/19 21:45:30 | 000,426,040 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe -- (Stereo Service)
SRV - [2016/05/02 23:31:11 | 000,146,888 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2016/05/02 01:59:20 | 001,881,144 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2016/04/29 15:52:40 | 001,773,696 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
SRV - [2016/04/29 15:52:34 | 001,433,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
SRV - [2016/03/10 14:07:30 | 001,136,608 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2016/03/10 14:07:28 | 001,514,464 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2016/01/14 10:59:02 | 002,945,312 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2016/01/05 11:14:12 | 000,446,240 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe -- (AdvancedSystemCareService9)
SRV - [2015/09/19 03:55:16 | 002,057,736 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2015/07/17 15:21:14 | 000,882,464 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2015/07/07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015/06/18 08:57:18 | 001,268,568 | ---- | M] (Disc Soft Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe -- (Disc Soft Lite Bus Service)
SRV - [2015/03/28 12:58:42 | 000,089,840 | ---- | M] (Hewlett-Packard Company) [On_Demand | Stopped] -- C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2015/01/02 19:45:12 | 000,315,488 | ---- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/16 00:23:26 | 000,487,960 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2014/01/16 11:34:08 | 000,495,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2013/12/03 11:56:50 | 000,079,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2013/01/31 05:37:56 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/06/13 04:36:54 | 000,922,240 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe -- (asComSvc)
SRV - [2011/05/19 18:39:18 | 000,013,592 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/12/02 14:34:52 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010/12/01 22:15:14 | 000,915,584 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010/10/21 05:52:26 | 000,586,880 | R--- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2016/05/02 01:55:28 | 000,028,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2016/04/14 01:38:19 | 000,056,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2016/04/09 10:52:50 | 001,027,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2016/03/10 14:09:06 | 000,064,896 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2016/03/10 14:08:54 | 000,027,008 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/08/18 21:50:46 | 000,030,264 | ---- | M] (Disc Soft Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dtlitescsibus.sys -- (dtlitescsibus)
DRV:64bit: - [2015/08/05 13:47:15 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2015/07/14 15:29:08 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2015/07/14 15:29:08 | 000,231,520 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2015/07/14 15:29:08 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2015/07/14 15:29:08 | 000,072,400 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2015/07/14 15:29:08 | 000,053,360 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2015/07/05 17:06:43 | 000,242,688 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2015/05/25 19:00:00 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015/05/25 18:59:59 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015/05/16 15:54:18 | 001,547,616 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2015/01/27 01:23:46 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2013/06/23 01:31:11 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/05/30 11:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013/05/09 04:59:06 | 000,022,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2013/04/30 00:16:04 | 011,922,944 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013/04/29 22:48:14 | 000,359,936 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2012/08/29 02:24:50 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012/08/29 02:24:50 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2012/06/27 04:37:56 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2012/06/27 04:37:56 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2012/06/27 04:37:56 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2012/06/27 04:37:56 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/02 02:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011/09/02 02:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 02:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 02:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/06/29 03:04:58 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2011/06/02 13:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/05/10 20:46:52 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/04/09 09:33:20 | 000,235,008 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbwwan.sys -- (ZTEusbwwan)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2010/12/29 15:16:54 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmeaext2.sys -- (ZTEusbMB)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/08 17:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010/10/19 19:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/21 14:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010/01/14 08:27:46 | 000,032,544 | R--- | M] (Realtek ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2010/01/14 08:27:30 | 000,048,416 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (VLAN)
DRV:64bit: - [2010/01/14 08:27:18 | 000,029,472 | R--- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2009/11/23 20:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 20:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/06/10 16:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/04/15 12:17:32 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV - [2015/05/16 15:46:08 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
DRV - [2015/03/25 20:07:34 | 000,034,848 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2015/03/25 20:07:34 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2015/03/25 20:07:34 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2010/11/01 06:08:46 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2010/09/16 23:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {62E1E48F-ED7E-4ECE-9E44-7D6F4223C188}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.com
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A1 47 5C 2C 9B 01 CD 01 [binary data]
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\fi, = http://www.firmy.cz/phr/%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\ma, = http://www.mapy.cz/?sourceid=quicksearch_6826&query=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\se, = http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\vi, = http://videa.seznam.cz/?q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Internet Explorer\SearchURL\zb, = http://www.zbozi.cz/?sourceid=quicksearch_6826&q=%s
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{180780f0-b348-4b44-8210-94a8f3ee15b2}: "URL" = http://search.comcast.net/search/?cat=W ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{A486E4F4-30E2-454A-A4B4-9C78441179EA}: "URL" = http://www.google.com/search?q={searchT ... utEncoding?}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}: "URL" = http://securedsearch.lavasoft.com/resul ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\firmy.cz-020302: "URL" = http://www.firmy.cz/phr/{searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\mapy.cz-020302: "URL" = http://www.mapy.cz/?sourceid=quicksearc ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-020302: "URL" = http://searchou.com/?q={searchTerms}&id ... 1d3c&r=664
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\seznam.cz-091952: "URL" = http://search.seznam.cz/?sourceid=quick ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\videa.seznam.cz-181817: "URL" = http://videa.seznam.cz/?q={searchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\SearchScopes\zbozi.cz-020302: "URL" = http://www.zbozi.cz/?sourceid=quicksear ... earchTerms}
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.defaultenginename: "Google Default"
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: "WhiteSmoke New Customized Web Search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.http_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.no_proxies_on: "localhost, 127.0.0.1"
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl: ""
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.ssl_port: 0
FF - prefs.js..extensions.charles.settings.disabled.network.proxy.type: 5
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.http_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.no_proxies_on: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.share_proxy_settings: false
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks: ""
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.socks_port: 0
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl: "127.0.0.1"
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.ssl_port: 8888
FF - prefs.js..extensions.charles.settings.enabled.network.proxy.type: 1
FF - prefs.js..extensions.enabledAddons: %7B4cc4a13b-94a6-7568-370d-5f9de54a9c7f%7D:2.7.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Bce7e73df-6a44-4028-8079-5927a588c948%7D:1.1.2.1-signed.1-signed
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:3.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:46.0.1
FF - prefs.js..extensions.enabledItems: {40D65E82-75AC-47CA-8A73-1CEDC2668EFF}:1.0
FF - prefs.js..extensions.enabledItems: iau6mcws@xzhzysklu.co.uk:1.5
FF - prefs.js..extensions.enabledItems: {C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}:2.0.0.566
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.436
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.12.0.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gabi\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 46.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016/02/16 12:42:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{4340308e-3e37-4dd7-9192-8cf05ce9c9f2}: C:\Program Files (x86)\LyriXeeker\130.xpi
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: disable
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
[2013/04/14 07:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Extensions
[2016/05/03 09:13:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions
[2016/04/28 02:24:54 | 000,000,000 | ---D | M] (Empty Cache Button) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{4cc4a13b-94a6-7568-370d-5f9de54a9c7f}
[2013/09/13 12:50:12 | 000,000,000 | ---D | M] (saveensharie) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\8fa6m-h@iiyiyeeiyi.com
[2015/04/02 14:18:08 | 000,000,000 | ---D | M] ("Bing Search Engine") -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\bingsearch.full@microsoft.com
[2013/11/24 11:56:13 | 000,000,000 | ---D | M] (MyWordTool) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\emily@wilford.biz
[2016/01/06 18:04:51 | 000,102,947 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\html5-video-everywhere@lejenome.me.xpi
[2016/04/27 09:11:22 | 000,007,255 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\useragentrg-upd@mozilla.org.xpi
[2015/03/22 12:21:05 | 000,009,855 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi
[2016/04/28 02:24:54 | 000,073,436 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi
[2016/04/30 09:27:25 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2016/05/03 09:13:32 | 000,097,981 | ---- | M] () (No name found) -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
[2015/05/09 19:42:25 | 000,001,763 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\amazoncom-pro.xml
[2015/05/09 11:22:49 | 000,002,938 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\bing.xml
[2015/12/10 04:37:43 | 000,002,290 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\facebook.xml
[2015/05/09 19:41:51 | 000,002,382 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\google-default.xml
[2015/05/09 19:41:45 | 000,004,208 | ---- | M] () -- C:\Users\gabi\AppData\Roaming\Mozilla\Firefox\Profiles\cznanbow.default\searchplugins\youtube.xml
[2016/05/23 02:24:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2012/10/01 21:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\gabi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
O1 HOSTS File: ([2016/04/13 17:44:24 | 000,000,050 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: ㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (IObit)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Surfing Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O3 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..\Toolbar\WebBrowser: (no name) - {91397D20-1446-11D4-8AF4-0040CA1127B6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Advanced SystemCare 9] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (IObit)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [HP ENVY 5530 series (NET)] C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Development Company, LP)
O4 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE (ZONER software)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8:64bit: - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8:64bit: - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8:64bit: - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O8 - Extra context menu item: Clip bookmark - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0 File not found
O8 - Extra context menu item: Oříznutý obrázek - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Translate Selection - C:\Program Files (x86)\TGF Interactive\Translate Genius\ContextMenu.htm ()
O8 - Extra context menu item: Vystřihnout tuto stránku - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1 File not found
O8 - Extra context menu item: Vystřihnout výběr - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4097007782-1966444928-4019047729-1000\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A95C1F79-C963-44D3-88A2-B0540AD12411}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC0D0F0F-DAEC-4297-9451-C8B98AD770E1}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\skypec2c - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/09/18 03:50:17 | 000,465,216 | R--- | M] (Electronic Arts) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2013/09/10 18:36:44 | 000,000,049 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2016/05/24 16:43:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:01 | 000,000,000 | ---D | C] -- C:\FRST
[2016/05/23 20:29:07 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2016/05/23 12:34:19 | 000,113,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/23 12:32:34 | 031,600,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/23 12:32:34 | 025,372,096 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/23 12:32:34 | 021,794,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/23 12:32:34 | 019,110,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/23 12:32:34 | 018,138,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/23 12:32:34 | 001,581,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/23 12:32:34 | 000,911,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/23 12:32:34 | 000,476,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/23 12:32:34 | 000,394,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/23 12:32:34 | 000,177,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/23 12:32:34 | 000,155,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/23 12:32:34 | 000,153,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/23 12:32:34 | 000,141,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/23 12:32:34 | 000,131,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/23 12:32:34 | 000,046,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/23 12:32:33 | 021,336,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/23 12:32:33 | 017,732,936 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/23 12:32:33 | 017,236,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/23 12:32:33 | 003,447,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/23 12:32:33 | 003,001,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/23 12:32:33 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/23 12:32:33 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/23 12:32:33 | 000,984,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/23 12:32:33 | 000,770,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/23 12:32:33 | 000,708,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/23 08:46:20 | 000,444,656 | ---- | C] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 08:44:44 | 000,000,000 | ---D | C] -- C:\Windows\IObit
[2016/05/23 08:44:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag
[2016/05/21 19:34:30 | 000,797,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/21 19:34:30 | 000,142,528 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/13 12:21:06 | 001,922,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/13 12:21:06 | 001,573,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/13 12:18:23 | 000,113,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2016/05/13 12:18:23 | 000,102,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2016/05/13 12:18:23 | 000,056,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2016/05/25 13:36:17 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:36:17 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/05/25 13:20:44 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 13:18:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/25 13:13:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016/05/25 10:33:00 | 000,000,386 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4097007782-1966444928-4019047729-1000.job
[2016/05/25 02:40:37 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 18:10:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf8a5ab905131a.job
[2016/05/24 16:47:59 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/05/24 16:43:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\gabi\Desktop\OTL.exe
[2016/05/24 11:39:27 | 013,017,592 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016/05/24 11:39:27 | 013,011,444 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016/05/24 11:39:27 | 009,057,722 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016/05/24 11:39:27 | 004,369,038 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016/05/24 11:39:27 | 004,350,136 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016/05/24 11:33:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/05/24 11:33:18 | 4281,032,702 | -HS- | M] () -- C:\hiberfil.sys
[2016/05/23 14:17:14 | 000,001,188 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1d0407e5afc26.job
[2016/05/23 11:12:12 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000UA1cf8a33639a01d.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d09002253e2ab2.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1d03ffbcb6285ca.job
[2016/05/23 11:12:12 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf8a5ab91b5a8e.job
[2016/05/23 11:12:12 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4097007782-1966444928-4019047729-1000Core1cf8a3361aa5f9.job
[2016/05/23 11:07:34 | 000,000,209 | ---- | M] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 09:18:06 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016/05/23 09:18:06 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016/05/23 08:46:20 | 000,444,656 | ---- | M] (ASMedia Technology Inc) -- C:\Windows\SysNative\drivers\asmtxhci.sys
[2016/05/23 02:24:21 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:43 | 000,001,654 | ---- | M] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 17:10:34 | 001,581,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdagenco64.dll
[2016/05/21 17:10:34 | 000,141,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2016/05/21 17:10:34 | 000,046,024 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2016/05/20 03:01:55 | 039,979,576 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/20 03:01:55 | 035,117,112 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/20 03:01:55 | 031,600,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2016/05/20 03:01:55 | 025,372,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2016/05/20 03:01:55 | 021,794,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2016/05/20 03:01:55 | 021,336,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2016/05/20 03:01:55 | 019,110,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2016/05/20 03:01:55 | 018,138,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2016/05/20 03:01:55 | 017,732,936 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2016/05/20 03:01:55 | 017,236,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2016/05/20 03:01:55 | 016,693,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2016/05/20 03:01:55 | 014,293,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2016/05/20 03:01:55 | 010,642,728 | ---- | M] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 008,733,096 | ---- | M] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/20 03:01:55 | 003,825,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2016/05/20 03:01:55 | 003,447,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2016/05/20 03:01:55 | 003,383,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2016/05/20 03:01:55 | 003,001,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2016/05/20 03:01:55 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436822.dll
[2016/05/20 03:01:55 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436822.dll
[2016/05/20 03:01:55 | 000,984,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2016/05/20 03:01:55 | 000,911,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2016/05/20 03:01:55 | 000,770,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2016/05/20 03:01:55 | 000,708,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2016/05/20 03:01:55 | 000,669,952 | ---- | M] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,565,392 | ---- | M] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/20 03:01:55 | 000,476,848 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2016/05/20 03:01:55 | 000,394,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2016/05/20 03:01:55 | 000,177,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2016/05/20 03:01:55 | 000,155,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2016/05/20 03:01:55 | 000,153,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2016/05/20 03:01:55 | 000,131,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2016/05/20 03:01:55 | 000,039,124 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/20 03:01:55 | 000,000,594 | ---- | M] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/19 22:11:23 | 006,346,688 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2016/05/19 22:11:23 | 002,454,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2016/05/19 22:11:21 | 001,762,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2016/05/19 22:11:21 | 000,531,904 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2016/05/19 22:11:21 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2016/05/19 22:11:21 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2016/05/19 22:11:21 | 000,069,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2016/05/19 21:45:30 | 000,113,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2016/05/18 19:25:24 | 006,448,223 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2016/05/17 09:40:36 | 000,000,224 | ---- | M] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | M] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | M] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/10 00:07:01 | 001,922,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6436519.dll
[2016/05/10 00:07:01 | 001,573,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6436519.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:23:30 | 000,129,824 | ---- | M] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:58 | 000,040,224 | ---- | M] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:42 | 000,130,848 | ---- | M] () -- C:\Windows\SysNative\vulkan-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:10 | 000,045,344 | ---- | M] () -- C:\Windows\SysNative\vulkaninfo.exe
[2016/05/02 01:39:01 | 001,377,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2016/05/02 01:39:01 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2016/05/02 01:38:42 | 001,767,944 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2016/05/02 01:38:42 | 001,756,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2016/05/02 01:38:42 | 000,112,032 | ---- | M] () -- C:\Windows\SysNative\NvRtmpStreamer64.dll
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2016/05/25 13:20:44 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Grilled Pocket Burgers by the BBQ Pit Boys - YouTube.URL
[2016/05/25 02:40:37 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\150 Anglické Věty Pro Začátečníky - YouTube.URL
[2016/05/24 16:47:59 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/05/23 14:17:12 | 000,001,188 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160523_141706.reg
[2016/05/23 12:32:34 | 010,642,728 | ---- | C] () -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2016/05/23 12:32:34 | 008,733,096 | ---- | C] () -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2016/05/23 12:32:33 | 039,979,576 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2016/05/23 12:32:33 | 035,117,112 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2016/05/23 12:32:33 | 000,669,952 | ---- | C] () -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,565,392 | ---- | C] () -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysNative\nv-vk64.json
[2016/05/23 12:32:33 | 000,000,594 | ---- | C] () -- C:\Windows\SysWow64\nv-vk32.json
[2016/05/23 11:07:34 | 000,000,209 | ---- | C] () -- C:\Users\gabi\Desktop\WeTransfer.URL
[2016/05/23 02:24:21 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2016/05/22 23:43:41 | 000,001,654 | ---- | C] () -- C:\Users\gabi\Documents\cc_20160522_234339.reg
[2016/05/21 19:34:31 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/05/17 09:40:36 | 000,000,224 | ---- | C] () -- C:\Users\gabi\Desktop\Beer Can Bacon Burger recipes by the BBQ Pit Boys - YouTube.URL
[2016/05/15 16:45:35 | 000,000,228 | ---- | C] () -- C:\Users\gabi\Desktop\MicroTouch Switchblade™ - 2 in 1 Trimmer Lets You Groom Everywhere, Head to Toe!.URL
[2016/05/15 12:28:56 | 000,000,292 | ---- | C] () -- C:\Users\gabi\Desktop\Dutch Glow® Cleaning Tonic Powerful, nontoxic, all natural kitchen cleaner!.URL
[2016/05/03 22:23:30 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:58 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
[2016/05/03 22:22:42 | 000,130,848 | ---- | C] () -- C:\Windows\SysNative\vulkan-1-1-0-11-1.dll
[2016/05/03 22:22:10 | 000,045,344 | ---- | C] () -- C:\Windows\SysNative\vulkaninfo-1-1-0-11-1.exe
[2016/03/10 14:31:09 | 000,129,824 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016/03/10 14:31:09 | 000,040,224 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016/02/13 21:47:02 | 000,125,720 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-3-0.dll
[2016/02/13 21:45:46 | 000,042,264 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-3-0.exe
[2015/09/06 15:43:25 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2015/05/16 15:50:36 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/05/09 10:42:58 | 000,002,848 | ---- | C] () -- C:\Windows\SysWow64\LavasoftTcpServiceOff.ini
[2015/04/07 05:49:19 | 000,000,064 | ---- | C] () -- C:\Users\gabi\AppData\Local\29ac5b7c7af3f31b11ecb2fdbcc37a98
[2015/02/27 15:07:32 | 000,082,064 | ---- | C] () -- C:\Windows\cadkasdeinst01cz.exe
[2015/02/27 14:21:20 | 000,001,290 | ---- | C] () -- C:\Windows\CITP_SearchHistory.INI
[2015/02/27 14:09:40 | 000,404,624 | ---- | C] () -- C:\Windows\cadkasdeinst01e_64.exe
[2015/01/05 12:46:17 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/12/24 19:54:26 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2013/10/12 12:48:52 | 000,003,584 | ---- | C] () -- C:\Users\gabi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/26 12:19:02 | 000,000,005 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WBPU-TTL.DAT
[2013/08/26 12:19:01 | 000,000,114 | ---- | C] () -- C:\Users\gabi\AppData\Roaming\WB.CFG
[2013/08/26 11:19:52 | 000,000,896 | RHS- | C] () -- C:\Users\gabi\ntuser.pol
[2013/05/10 18:04:49 | 000,007,611 | ---- | C] () -- C:\Users\gabi\AppData\Local\Resmon.ResmonCfg
[2013/04/07 18:17:42 | 000,000,424 | ---- | C] () -- C:\Users\gabi\AppData\Local\UserProducts.xml
[2013/03/09 12:29:41 | 000,002,661 | ---- | C] () -- C:\Users\gabi\AppData\Local\recently-used.xbel
========== ZeroAccess Check ==========
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/08/06 14:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 13:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:373E1720
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:16E15B52
< End of report >
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Jeden z logů se jmenuje OTL a druhý Extras. Bez toho se nedá pokračovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Tak ted mi to konecne udelalo aj ten druhy log. Musela jsme to vyhodit a stahnout novy. Tak snad uz to bude v poradku.
OTL Extras logfile created on: 5/25/2016 3:17:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 13.44 Gb Available Physical Memory | 84.07% Memory free
31.96 Gb Paging File | 29.27 Gb Available in Paging File | 91.56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.09 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Uschovna.cz] -- C:\Program Files (x86)\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Uschovna.cz] -- C:\Program Files (x86)\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0325B0A8-6B4F-4325-B9FA-9E700DBE2A67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0BDA1E53-6DE9-4E51-A15D-A98E541746C1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{1556E73E-D815-419A-A9FF-82026FC2FBA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{1B102F9C-5894-4208-A92E-E08B7B937730}" = lport=139 | protocol=6 | dir=in | app=system |
"{1B4D55F3-BB4D-40C4-8E4E-B668A71060CC}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{1C92A824-2BE4-4E00-BC47-24962AE12269}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{23BE8D4D-5D4B-41A2-8007-D5D60E94B636}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28BDB985-2BF4-4897-BF26-3C1D8A6D4446}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E5FE74C-2D5D-4443-9FCD-ED5D332C3A1E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FB3DCAB-E976-4B8E-A3ED-0ED4BB3A6B8B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{308CE68E-6ABE-4DDB-8B47-805CAB20225A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3246F0CC-647A-43AF-9E3E-501F1B852E5A}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{468B2199-2767-4BF7-A714-3F9DFB2B7990}" = lport=2869 | protocol=6 | dir=in | app=system |
"{46969B1B-56FC-4A90-A800-7A1B02E5E1E9}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{520B88A9-FD4F-4148-AD5F-46491170F58A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{522C0207-2520-443C-A5C1-AC9549BA4ABF}" = lport=138 | protocol=17 | dir=in | app=system |
"{59281712-2541-4E6A-A149-48023513CC71}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D4E3FFB-02D7-48AA-8C1E-545237CB3BC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66E59D05-FC28-4DF8-A830-B27E4A37C83C}" = rport=138 | protocol=17 | dir=out | app=system |
"{6B800E91-2EC4-48AD-AAAD-78DCE5B359F6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{718354B2-15A9-4998-AF9F-A66D40C09F88}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7334A73A-FE31-4206-8141-A2D340F5713E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CA360DE-F201-4ACA-9F8B-829AF3526E58}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9013B761-F0B6-40A0-BD53-1F7DE32A0374}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90700B21-8335-49F9-AF96-3F0D0D7DA6C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{92EBEB2F-7E6D-45D2-AD42-79EF7A879788}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9A5DE0D9-A7BE-464B-A6FC-1D2EAB8CA41D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A576EAA2-07FB-4369-86BB-FF9BCDC5129B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A6BC7612-843F-4229-A6C4-11B40D935670}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{A92620D2-0D04-4259-AB16-202A1AFDC3A6}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ACA16760-C296-4902-9AB0-D75B4E1A9B09}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AD430F13-D014-4808-A13C-F4211DFC107B}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{BF54C441-A1C4-4B2C-AFF7-3A528255D16A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D13BF2A0-F414-4A3C-9118-7AB0DC299C1E}" = lport=445 | protocol=6 | dir=in | app=system |
"{D36AE2B0-3F5C-440F-BC9D-897124AA9876}" = lport=137 | protocol=17 | dir=in | app=system |
"{D3CF1041-D8BD-44ED-B73B-918F4AD8F36A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D86F33BD-DB31-43D1-B1DB-068485527B5A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B22BA7-6681-429A-92E4-B00D6B7C04F2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E014DA9D-6CCE-4C59-B996-9833B2A01487}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{E0637BFB-1003-48EC-897C-67C005680CCA}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E19C4CF0-E74C-4690-B58C-CCFA5E282323}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB9CB6BD-BE79-49D8-A2CC-591737C970E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED9EC7D0-8106-429F-9BBF-20C072B9E561}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F19FF12F-6E4F-44E9-9D0B-076D2D49CC19}" = rport=139 | protocol=6 | dir=out | app=system |
"{F95438DD-EC2F-4541-9A79-219B55DCCFDE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0065A694-EEAC-4BA5-815E-3556B4915392}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{130A1999-6273-45C0-94D2-B7695DE4A2BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{143F2AC4-6234-433C-85A7-16A65FFB9A9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1880233B-18B0-4BC5-A8CB-72BBE251F9DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1D2022AE-82E2-457D-ADC0-DFAAFB6642EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2055731D-5E24-4FC9-A44C-C3DD78A1F161}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{25F74A5B-6091-4DBF-B08A-395C37E2080A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2C25DC7E-73C6-4924-9341-DB64606ADA4A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{2EEA238B-B756-4606-AEB8-023CB13E4E09}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{303F14B6-E8DF-4C63-804C-F3C1325CF6A4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{314C9C7E-5A51-4170-8BBC-5325D400847B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{345263CA-9C2A-4992-821B-0B33112646B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{363D2EB3-014C-42F9-B64F-12E38C70F25A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F98E4CA-3667-4225-B303-09A29DED7229}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4419EBCE-2CA3-43DB-955B-828684956D41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{448D87B9-8FD3-4767-81B1-D069BFDBEF0F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{4E17BA4D-CC06-4AA5-83DC-026961F02FE7}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{52540C2A-E070-42DB-B21C-54DD2AB8B290}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5579C489-CDBB-4198-A0ED-3B049C8CD55F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5E68D909-0C1E-454A-8EF1-92DFC425E712}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{63179D3D-111C-4044-B226-346CA4975F33}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6DC82B3C-4E70-4E5E-BECE-4B645ABF5A39}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{7F24F425-8FC5-477A-B8EC-7BAF4287B120}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88FAA6FB-40ED-4569-A569-A3E7C7DC5B06}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{909BC4C5-D9E7-44F0-932A-8663D1420BE2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{931F7EE6-0636-4EEF-9069-9C43E3B2E9DD}" = dir=out | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{952FE617-970D-4D54-B83A-E563DC3B6A55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9590597B-DDA7-42E7-816A-0E1674460575}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A0244989-C03F-4221-808B-CEC289E2FD4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A3ACAC87-011E-4FE0-BE83-9E9B2FC02358}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{A5DA47BE-D0A5-43CA-BA7B-7AB8AC953CDE}" = dir=in | app=c:\users\gabi\appdata\local\microsoft\onedrive\onedrive.exe |
"{A9ECE218-F14A-4D08-AC6E-EE5AD065385A}" = dir=in | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{B5E69D31-CCB9-4B46-8BB6-B28AC3201190}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BCD731B6-91E8-45B3-A99A-F6318D10F631}" = dir=in | app=c:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe |
"{BEC6AEBF-8FE1-42AE-9E6E-C1C04BBBF8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C3659139-2CB7-4105-9D13-346F3AEFE95F}" = protocol=6 | dir=out | app=system |
"{C6341DB6-A747-4533-8D6F-E443E82B3E51}" = dir=in | app=c:\program files\hp\hp envy 5530 series\bin\devicesetup.exe |
"{CF02FDDE-98D9-416E-84EF-BA201A232AD8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1E2B5AA-B460-4C0C-AD35-33D8C615D074}" = dir=out | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{D56C4C9D-5E1C-432C-B0E9-2FE5F039A58C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DD6728BA-0293-4824-BDCF-E64E8554FB13}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{E334B504-CBC1-4B54-9994-24D810A7385A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{E8E7E320-789C-4721-A2C9-10CBCBB5DE24}" = dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{EA4B1F1D-693A-4CCF-B4A3-85CA70314E75}" = dir=in | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{EC2004E0-4870-44DE-B884-E4C2C9308573}" = dir=out | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{F02F44C8-E2C8-46BB-8571-EF120B87FD61}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F0810CC6-7FC8-466C-9CD7-BF818652132F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F7985A57-0114-4CD9-B012-E7543CC65FFB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"TCP Query User{2B73D512-247F-4B61-9D20-02ECECC06594}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{68DB07B0-4B68-4A9F-A4F6-3F8BE0DECC75}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{31F4696A-E711-4CD2-B826-10515A6C4374}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{5395F69B-A577-4D81-864B-F9D39E79A04F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417080FF}" = Java 7 Update 80 (64-bit)
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{37D41A97-6B02-4C30-8753-85107BE1D674}" = Intel® RealSense™ SDK 2014 Runtime (x64): Core
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{3A194988-24D4-4C26-B1B8-C0281CFC5290}" = Studie vylepšování produktu HP ENVY 5530 series
"{3D576235-F0CE-4B50-A9C6-0775B9E50B63}" = MergeModule_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D8E383E-0AB7-482D-9327-BB92D53312B4}" = ESET Smart Security
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{526002E5-7D5B-4703-A4E3-BA566AED5D8A}" = Intel(R) Biometric and Context Agent
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6C676266-91E4-DC71-E661-13494AC29A3E}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82CD33B2-1DE6-4663-B6F0-1592B2376F78}" = VS10Runtimex64
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{999DB5B3-EE44-8837-2B51-4AF44CD1FD22}" = AMD Drag and Drop Transcoding
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 364.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.34.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.40
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DF005DA9-467C-497F-B0E4-D8AF6B956809}" = Základní software zařízení HP ENVY 5530 series
"{E6D505B9-1A18-4F67-9BE0-D37B5164D581}" = Intel(R) Biometric and Context Agent Redistributables
"{F07F9109-D141-4E88-BFF5-0206D61994F5}" = SOHLib for PlayMemories Home
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Logitech Gaming Software" = Logitech Gaming Software 8.53
"Logitech Unifying" = Logitech Unifying Software 2.50
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"OneNoteFreeRetail - cs-cz" = Microsoft OneNote 2013 - cs-cz
"PDF Editor 64bit 4" = PDF Editor 64bit 4
"SolarApp" = Logitech Solar App 1.10
"sp6" = Logitech SetPoint 6.32
"TrueKey" = Intel Security True Key
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"VulkanRT1.0.3.0" = Vulkan Run Time Libraries 1.0.3.0
"WinRAR archiver" = WinRAR 5.21 (64-bit)
"ZonerPhotoStudio16_Christmas_Envelopes_CZ_is1" = Zoner Photo Studio - Vánoční obálky
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio16_Templates_CZ_is1" = Zoner Photo Studio 16 - Obálky a šablony
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"%ProgramName%" = picture-shark 1.0
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{05E34A3D-3B28-4F90-89E3-D66ECE6822CC}" = HP ENVY 5530 series Nápověda
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19687AD5-7E54-4C5E-A796-125C95079C1D}" = Adobe AIR
"{19FEBF46-AE2C-45C7-BF9F-E254A4B3E717}" = PMB_ModeEditor
"{1D090074-8F48-4749-9650-DB716FDE57D9}" = Free Collage Maker
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.2
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F03217080FF}" = Java 7 Update 80
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{306CBA87-E890-4FBB-9AB8-E65C96D352B2}" = MergeModule_x86
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.3.0.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{48EBEBBF-B9F8-4520-A3CF-89A730721917}" = The Sims™ 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{5FA1D4AD-5929-4A14-B711-A5A9D8DC9F96}" = Translate Genius
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{709316AD-161C-4D5C-9AE7-0B3A822DA271}" = Google Drive
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80F3F10B-A177-4494-93CE-98090D819093}" = Internet Explorer Toolbar 4.7 by SweetPacks
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{822C3333-F2C2-4776-9384-660A50FD6655}" = Day Organizer, ver. 2.2.1.4
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{8531A154-5045-4E32-885A-391F750C5DE2}_is1" = Uschovna.cz 1.1.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91B33C97-91F8-FFB3-581B-BC952C901685}_is1" = Ashampoo Burning Studio FREE v.1.14.5
"{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}" = PlayMemories Home
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}" = PVZ Garden Warfare
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Hotspot Admin
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.15) MUI
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{D0A231B2-5921-45B7-A2FC-4EC937D6E020}" = PMB_ServiceUploader
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{D5530732-F70E-47EC-8C29-1606B2EE262A}" = ENVY5530FWUpdateAlert
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker
"{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}" = Bejeweled® 3
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = Catalyst Control Center
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0F4163F-6A2D-48BA-BC36-23C33B0ECDB5}" = calibre
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16247B8-CD07-40C4-8C96-FC2568G29E8F}}_is1" = Plugin 7
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC3C2B77-6800-48C6-A15D-9D1031130C16}" = HP Support Solutions Framework
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"Advanced SystemCare_is1" = Advanced SystemCare 9
"AirDroid" = AirDroid 3.1.3.0
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7.33
"ASUS WebStorage" = ASUS WebStorage
"Driver Booster_is1" = Driver Booster 3.3
"Easy Macro Recorder_is1" = Easy Macro Recorder 4.51
"Fotor" = Fotor 2.0.2
"Game Booster_is1" = Game Booster 3
"HandyUpdater" = Handy Updater
"IcoFX_is1" = IcoFX 1.6.4
"iFreeUp_is1" = iFreeUp 1.0
"IObit Malware Fighter_is1" = IObit Malware Fighter 3
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 3.5
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Firefox 46.0.1 (x86 cs)" = Mozilla Firefox 46.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"Recepty doma_is1" = Recepty doma
"Smart Defrag_is1" = Smart Defrag 5
"StrongDC++" = StrongDC++ 2.41
"The Sims 4 Deluxe Edition 1.0.0" = The Sims 4 Deluxe Edition
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"VLC media player" = VLC media player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"OneDriveSetup.exe" = Microsoft OneDrive
"PhotoFiltre 7" = PhotoFiltre 7
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/25/2016 8:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 9:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 10:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 11:21:18 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 12:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 1:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 2:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 3:14:56 PM | Computer Name = gabi-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdarila. Chyba 0x80070005.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota retezce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostredkovatele cítace rozšírení. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové cásti. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje tretí hodnota DWORD datové cásti.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota retezce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostredkovatele cítace rozšírení. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové cásti. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje tretí hodnota DWORD datové cásti.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnení retezcu cítacu výkonu pro službu WmiApRpl (WmiApRpl) se nezdarilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
[ Media Center Events ]
Error - 5/21/2016 3:38:51 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 3:38:51 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/21/2016 9:48:27 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:48:27 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/21/2016 9:32:18 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:32:18 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/22/2016 9:33:54 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:33:54 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/22/2016 9:56:35 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:56:35 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/23/2016 9:31:37 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:31:37 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/23/2016 9:16:23 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:16:23 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/24/2016 9:29:15 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:29:15 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/24/2016 9:25:42 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:25:42 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/25/2016 9:23:05 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:23:05 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
[ System Events ]
Error - 5/24/2016 11:33:26 AM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladace pro spouštení pocítace nebo systému
se nezdarilo: VDiskBus
Error - 5/24/2016 11:35:27 AM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7023
Description = Služba PnP-X IP Bus Enumerator byla ukoncena s následující chybou:
%%-2147023728
Error - 5/24/2016 12:21:16 PM | Computer Name = gabi-PC | Source = DCOM | ID = 10001
Description =
Error - 5/25/2016 3:53:46 AM | Computer Name = gabi-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 5/25/2016 11:56:43 AM | Computer Name = gabi-PC | Source = cdrom | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\CdRom0.
Error - 5/25/2016 12:21:18 PM | Computer Name = gabi-PC | Source = DCOM | ID = 10001
Description =
Error - 5/25/2016 3:14:57 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7001
Description = Služba Remote Access Connection Manager závisí na službe Secure Socket
Tunneling Protocol Service, která neuspela pri spuštení v dusledku následující
chyby: %%0
Error - 5/25/2016 3:14:57 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7001
Description = Služba Internet Connection Sharing (ICS) závisí na službe Remote Access
Connection Manager, která neuspela pri spuštení v dusledku následující chyby: %%1068
Error - 5/25/2016 3:15:00 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladace pro spouštení pocítace nebo systému
se nezdarilo: VDiskBus
Error - 5/25/2016 3:17:00 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7023
Description = Služba PnP-X IP Bus Enumerator byla ukoncena s následující chybou:
%%-2147023728
< End of report >
OTL Extras logfile created on: 5/25/2016 3:17:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\gabi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18059)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
15.98 Gb Total Physical Memory | 13.44 Gb Available Physical Memory | 84.07% Memory free
31.96 Gb Paging File | 29.27 Gb Available in Paging File | 91.56% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447.03 Gb Total Space | 219.09 Gb Free Space | 49.01% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 261.78 Gb Free Space | 37.47% Space Free | Partition Type: NTFS
Drive F: | 6.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive G: | 298.09 Gb Total Space | 187.07 Gb Free Space | 62.76% Space Free | Partition Type: NTFS
Computer Name: GABI-PC | User Name: gabi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Uschovna.cz] -- C:\Program Files (x86)\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Uschovna.cz] -- C:\Program Files (x86)\Uschovna.cz\Uschovna_cz.exe /sendto: %1 (Capsa)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0325B0A8-6B4F-4325-B9FA-9E700DBE2A67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0BDA1E53-6DE9-4E51-A15D-A98E541746C1}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{1556E73E-D815-419A-A9FF-82026FC2FBA5}" = rport=445 | protocol=6 | dir=out | app=system |
"{1B102F9C-5894-4208-A92E-E08B7B937730}" = lport=139 | protocol=6 | dir=in | app=system |
"{1B4D55F3-BB4D-40C4-8E4E-B668A71060CC}" = lport=5357 | protocol=6 | dir=in | name=ws-eventing tcp port 5357 |
"{1C92A824-2BE4-4E00-BC47-24962AE12269}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{23BE8D4D-5D4B-41A2-8007-D5D60E94B636}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{28BDB985-2BF4-4897-BF26-3C1D8A6D4446}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2E5FE74C-2D5D-4443-9FCD-ED5D332C3A1E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2FB3DCAB-E976-4B8E-A3ED-0ED4BB3A6B8B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{308CE68E-6ABE-4DDB-8B47-805CAB20225A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3246F0CC-647A-43AF-9E3E-501F1B852E5A}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{468B2199-2767-4BF7-A714-3F9DFB2B7990}" = lport=2869 | protocol=6 | dir=in | app=system |
"{46969B1B-56FC-4A90-A800-7A1B02E5E1E9}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{520B88A9-FD4F-4148-AD5F-46491170F58A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{522C0207-2520-443C-A5C1-AC9549BA4ABF}" = lport=138 | protocol=17 | dir=in | app=system |
"{59281712-2541-4E6A-A149-48023513CC71}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D4E3FFB-02D7-48AA-8C1E-545237CB3BC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{66E59D05-FC28-4DF8-A830-B27E4A37C83C}" = rport=138 | protocol=17 | dir=out | app=system |
"{6B800E91-2EC4-48AD-AAAD-78DCE5B359F6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{718354B2-15A9-4998-AF9F-A66D40C09F88}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{7334A73A-FE31-4206-8141-A2D340F5713E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8CA360DE-F201-4ACA-9F8B-829AF3526E58}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9013B761-F0B6-40A0-BD53-1F7DE32A0374}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90700B21-8335-49F9-AF96-3F0D0D7DA6C1}" = rport=137 | protocol=17 | dir=out | app=system |
"{92EBEB2F-7E6D-45D2-AD42-79EF7A879788}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9A5DE0D9-A7BE-464B-A6FC-1D2EAB8CA41D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A576EAA2-07FB-4369-86BB-FF9BCDC5129B}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A6BC7612-843F-4229-A6C4-11B40D935670}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{A92620D2-0D04-4259-AB16-202A1AFDC3A6}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ACA16760-C296-4902-9AB0-D75B4E1A9B09}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AD430F13-D014-4808-A13C-F4211DFC107B}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |
"{BF54C441-A1C4-4B2C-AFF7-3A528255D16A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D13BF2A0-F414-4A3C-9118-7AB0DC299C1E}" = lport=445 | protocol=6 | dir=in | app=system |
"{D36AE2B0-3F5C-440F-BC9D-897124AA9876}" = lport=137 | protocol=17 | dir=in | app=system |
"{D3CF1041-D8BD-44ED-B73B-918F4AD8F36A}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D86F33BD-DB31-43D1-B1DB-068485527B5A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9B22BA7-6681-429A-92E4-B00D6B7C04F2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E014DA9D-6CCE-4C59-B996-9833B2A01487}" = lport=1900 | protocol=17 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{E0637BFB-1003-48EC-897C-67C005680CCA}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{E19C4CF0-E74C-4690-B58C-CCFA5E282323}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EB9CB6BD-BE79-49D8-A2CC-591737C970E3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ED9EC7D0-8106-429F-9BBF-20C072B9E561}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F19FF12F-6E4F-44E9-9D0B-076D2D49CC19}" = rport=139 | protocol=6 | dir=out | app=system |
"{F95438DD-EC2F-4541-9A79-219B55DCCFDE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0065A694-EEAC-4BA5-815E-3556B4915392}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{130A1999-6273-45C0-94D2-B7695DE4A2BA}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |
"{143F2AC4-6234-433C-85A7-16A65FFB9A9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1880233B-18B0-4BC5-A8CB-72BBE251F9DA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1D2022AE-82E2-457D-ADC0-DFAAFB6642EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2055731D-5E24-4FC9-A44C-C3DD78A1F161}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{25F74A5B-6091-4DBF-B08A-395C37E2080A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{2C25DC7E-73C6-4924-9341-DB64606ADA4A}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{2EEA238B-B756-4606-AEB8-023CB13E4E09}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{303F14B6-E8DF-4C63-804C-F3C1325CF6A4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{314C9C7E-5A51-4170-8BBC-5325D400847B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{345263CA-9C2A-4992-821B-0B33112646B5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{363D2EB3-014C-42F9-B64F-12E38C70F25A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3F98E4CA-3667-4225-B303-09A29DED7229}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4419EBCE-2CA3-43DB-955B-828684956D41}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{448D87B9-8FD3-4767-81B1-D069BFDBEF0F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{4E17BA4D-CC06-4AA5-83DC-026961F02FE7}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\playmemories home\pmbbrowser.exe |
"{52540C2A-E070-42DB-B21C-54DD2AB8B290}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{5579C489-CDBB-4198-A0ED-3B049C8CD55F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{5E68D909-0C1E-454A-8EF1-92DFC425E712}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{63179D3D-111C-4044-B226-346CA4975F33}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6DC82B3C-4E70-4E5E-BECE-4B645ABF5A39}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{7F24F425-8FC5-477A-B8EC-7BAF4287B120}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88FAA6FB-40ED-4569-A569-A3E7C7DC5B06}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{909BC4C5-D9E7-44F0-932A-8663D1420BE2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{931F7EE6-0636-4EEF-9069-9C43E3B2E9DD}" = dir=out | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{952FE617-970D-4D54-B83A-E563DC3B6A55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9590597B-DDA7-42E7-816A-0E1674460575}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A0244989-C03F-4221-808B-CEC289E2FD4F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A3ACAC87-011E-4FE0-BE83-9E9B2FC02358}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\bejeweled 3\bejeweled3.exe |
"{A5DA47BE-D0A5-43CA-BA7B-7AB8AC953CDE}" = dir=in | app=c:\users\gabi\appdata\local\microsoft\onedrive\onedrive.exe |
"{A9ECE218-F14A-4D08-AC6E-EE5AD065385A}" = dir=in | app=c:\program files (x86)\iobit\driver booster\autoupdate.exe |
"{B5E69D31-CCB9-4B46-8BB6-B28AC3201190}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{BCD731B6-91E8-45B3-A99A-F6318D10F631}" = dir=in | app=c:\program files\hp\hp envy 5530 series\bin\hpnetworkcommunicatorcom.exe |
"{BEC6AEBF-8FE1-42AE-9E6E-C1C04BBBF8B7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C3659139-2CB7-4105-9D13-346F3AEFE95F}" = protocol=6 | dir=out | app=system |
"{C6341DB6-A747-4533-8D6F-E443E82B3E51}" = dir=in | app=c:\program files\hp\hp envy 5530 series\bin\devicesetup.exe |
"{CF02FDDE-98D9-416E-84EF-BA201A232AD8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D1E2B5AA-B460-4C0C-AD35-33D8C615D074}" = dir=out | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{D56C4C9D-5E1C-432C-B0E9-2FE5F039A58C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DD6728BA-0293-4824-BDCF-E64E8554FB13}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"{E334B504-CBC1-4B54-9994-24D810A7385A}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\the sims 4\game\bin\ts4.exe |
"{E8E7E320-789C-4721-A2C9-10CBCBB5DE24}" = dir=in | app=c:\program files (x86)\iobit\driver booster\driverbooster.exe |
"{EA4B1F1D-693A-4CCF-B4A3-85CA70314E75}" = dir=in | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{EC2004E0-4870-44DE-B884-E4C2C9308573}" = dir=out | app=c:\program files (x86)\iobit\driver booster\dbdownloader.exe |
"{F02F44C8-E2C8-46BB-8571-EF120B87FD61}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{F0810CC6-7FC8-466C-9CD7-BF818652132F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F7985A57-0114-4CD9-B012-E7543CC65FFB}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\plants vs zombies garden warfare\pvz.main_win64_retail.exe |
"TCP Query User{2B73D512-247F-4B61-9D20-02ECECC06594}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{68DB07B0-4B68-4A9F-A4F6-3F8BE0DECC75}C:\program files (x86)\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{31F4696A-E711-4CD2-B826-10515A6C4374}C:\program files (x86)\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"UDP Query User{5395F69B-A577-4D81-864B-F9D39E79A04F}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{034B6AC8-DCF6-585B-2AFD-3FF0D4A559BB}" = AMD Accelerated Video Transcoding
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{26A24AE4-039D-4CA4-87B4-2F06417080FF}" = Java 7 Update 80 (64-bit)
"{30921AC4-6875-F7DF-B48B-2BB68C000BB6}" = AMD Media Foundation Decoders
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{37D41A97-6B02-4C30-8753-85107BE1D674}" = Intel® RealSense™ SDK 2014 Runtime (x64): Core
"{37FCE154-7F59-74F0-3A35-BF503CEB230B}" = AMD Catalyst Install Manager
"{3A194988-24D4-4C26-B1B8-C0281CFC5290}" = Studie vylepšování produktu HP ENVY 5530 series
"{3D576235-F0CE-4B50-A9C6-0775B9E50B63}" = MergeModule_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D8E383E-0AB7-482D-9327-BB92D53312B4}" = ESET Smart Security
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{526002E5-7D5B-4703-A4E3-BA566AED5D8A}" = Intel(R) Biometric and Context Agent
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6C676266-91E4-DC71-E661-13494AC29A3E}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{82CD33B2-1DE6-4663-B6F0-1592B2376F78}" = VS10Runtimex64
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{999DB5B3-EE44-8837-2B51-4AF44CD1FD22}" = AMD Drag and Drop Transcoding
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 368.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 364.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.34.14
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.11.3.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.40
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{DF005DA9-467C-497F-B0E4-D8AF6B956809}" = Základní software zařízení HP ENVY 5530 series
"{E6D505B9-1A18-4F67-9BE0-D37B5164D581}" = Intel(R) Biometric and Context Agent Redistributables
"{F07F9109-D141-4E88-BFF5-0206D61994F5}" = SOHLib for PlayMemories Home
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Logitech Gaming Software" = Logitech Gaming Software 8.53
"Logitech Unifying" = Logitech Unifying Software 2.50
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"OneNoteFreeRetail - cs-cz" = Microsoft OneNote 2013 - cs-cz
"PDF Editor 64bit 4" = PDF Editor 64bit 4
"SolarApp" = Logitech Solar App 1.10
"sp6" = Logitech SetPoint 6.32
"TrueKey" = Intel Security True Key
"VulkanRT1.0.11.1" = Vulkan Run Time Libraries 1.0.11.1
"VulkanRT1.0.3.0" = Vulkan Run Time Libraries 1.0.3.0
"WinRAR archiver" = WinRAR 5.21 (64-bit)
"ZonerPhotoStudio16_Christmas_Envelopes_CZ_is1" = Zoner Photo Studio - Vánoční obálky
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16
"ZonerPhotoStudio16_Templates_CZ_is1" = Zoner Photo Studio 16 - Obálky a šablony
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"%ProgramName%" = picture-shark 1.0
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00F14E5B-E07A-2A1E-6788-580773CE1486}" = CCC Help English
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{05E34A3D-3B28-4F90-89E3-D66ECE6822CC}" = HP ENVY 5530 series Nápověda
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0A036215-0A8D-6FBE-7EA3-7AED4F9E162A}" = CCC Help Turkish
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15A05AAA-37E7-D516-5BE9-C960C2170403}" = CCC Help Czech
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19687AD5-7E54-4C5E-A796-125C95079C1D}" = Adobe AIR
"{19FEBF46-AE2C-45C7-BF9F-E254A4B3E717}" = PMB_ModeEditor
"{1D090074-8F48-4749-9650-DB716FDE57D9}" = Free Collage Maker
"{21E9850E-58C2-FA88-D5AD-B64D253B8F82}" = CCC Help Thai
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.2
"{25A7270E-1B63-DFD1-ACBC-88852A305398}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F03217080FF}" = Java 7 Update 80
"{28164BD8-81EA-639A-85E9-E659E3EE6DA7}" = Catalyst Control Center InstallProxy
"{2E69E784-F84A-9A18-7D8E-4EB8504EEE1E}" = CCC Help Danish
"{306CBA87-E890-4FBB-9AB8-E65C96D352B2}" = MergeModule_x86
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.3.0.0
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{362614E4-9ABB-E7A7-CDDC-239AB168060A}" = CCC Help Japanese
"{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = The Sims™ 3 Showtime
"{3DE92282-CB49-434F-81BF-94E5B380E889}" = The Sims™ 3 Seasons
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = The Sims™ 3 Late Night
"{4745F6F8-09DA-CC39-EC19-0E8D764CF2B7}" = CCC Help Chinese Standard
"{48EBEBBF-B9F8-4520-A3CF-89A730721917}" = The Sims™ 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4FA31DE2-B613-24BB-1738-B655C00B1C9D}" = CCC Help Hungarian
"{58771CF6-F212-CC4D-61B1-45CC70B6375C}" = CCC Help Dutch
"{5FA1D4AD-5929-4A14-B711-A5A9D8DC9F96}" = Translate Genius
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D1221A9-17BF-4EC0-81F2-27D30EC30701}" = Skype Click to Call
"{6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD}" = CCC Help Italian
"{707210B0-29F1-C550-BA96-6ECDA245CF24}" = CCC Help Spanish
"{709316AD-161C-4D5C-9AE7-0B3A822DA271}" = Google Drive
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = The Sims™ 3 High-End Loft Stuff
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{80F3F10B-A177-4494-93CE-98090D819093}" = Internet Explorer Toolbar 4.7 by SweetPacks
"{812B956B-37AB-24B9-4527-78A6D3ECE7F8}" = CCC Help Korean
"{822C3333-F2C2-4776-9384-660A50FD6655}" = Day Organizer, ver. 2.2.1.4
"{83293709-B863-0EF6-00DA-B026D486E8B5}" = CCC Help Polish
"{8531A154-5045-4E32-885A-391F750C5DE2}_is1" = Uschovna.cz 1.1.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88B2ABCF-9C00-47C1-8FC4-369B98845DD7}" = Catalyst Control Center - Branding
"{8C0CAA7A-3272-4991-A808-2C7559DE3409}" = Win7codecs
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0405-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = The Sims™ 3 Ambitions
"{911904DE-EBB6-BC8E-D5BD-762B7DB42C46}" = CCC Help Greek
"{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update
"{91B33C97-91F8-FFB3-581B-BC952C901685}_is1" = Ashampoo Burning Studio FREE v.1.14.5
"{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}" = PlayMemories Home
"{9903011B-5F1D-A2A1-8078-EE62B3324CCE}" = CCC Help Portuguese
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A7F1628-2126-34A5-852D-2B93328BCF3F}" = CCC Help German
"{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = The Sims™ 3 Katy Perry's Sweet Treats
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}" = The Sims™ 3 Into the Future
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}" = PVZ Garden Warfare
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}" = Mobile Hotspot Admin
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.15) MUI
"{AE6C422B-DADB-D547-411C-E9E56DF03D16}" = CCC Help Russian
"{B09567CC-E43F-10F1-752D-549AC7FB0C43}" = CCC Help Finnish
"{B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B}" = CCC Help Norwegian
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}" = The Sims™ 3 Supernatural
"{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}" = HPDiagnosticAlert
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = The Sims™ 3 World Adventures
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD96ABD3-D1D4-5513-6C60-11476D6DCFC5}" = Catalyst Control Center Localization All
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = The Sims™ 3 Pets
"{C39C7876-4D21-8A38-0A42-B5C8858EC6C7}" = CCC Help French
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{D0A231B2-5921-45B7-A2FC-4EC937D6E020}" = PMB_ServiceUploader
"{D4236B82-213F-679E-09A2-9AEB5EF4CADC}" = Catalyst Control Center Graphics Previews Common
"{D5530732-F70E-47EC-8C29-1606B2EE262A}" = ENVY5530FWUpdateAlert
"{DADC7AB0-E554-4705-9F6A-83EA82ED708E}" = Realtek Ethernet Diagnostic Utility
"{DB21639E-FE55-432C-BCA2-0C5249E3F79E}" = The Sims™ 3 Island Paradise
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = The Sims™ 3 Generations
"{E9275D69-7DEC-430B-BA1B-F74DFF9B0B43}" = Disk Unlocker
"{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}" = Bejeweled® 3
"{EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF}" = Catalyst Control Center
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0F4163F-6A2D-48BA-BC36-23C33B0ECDB5}" = calibre
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16247B8-CD07-40C4-8C96-FC2568G29E8F}}_is1" = Plugin 7
"{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}" = The Sims™ 3 University Life
"{F3ED01FE-B62F-4CA4-BACA-822369BC0FB7}" = TuneUp Utilities Language Pack (en-GB)
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FC3C2B77-6800-48C6-A15D-9D1031130C16}" = HP Support Solutions Framework
"{FCEFDA6B-63CD-BB17-B845-478A42E24D39}" = CCC Help Swedish
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 21 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.2
"Advanced SystemCare_is1" = Advanced SystemCare 9
"AirDroid" = AirDroid 3.1.3.0
"Ashampoo Burning Studio 7_is1" = Ashampoo Burning Studio 7.33
"ASUS WebStorage" = ASUS WebStorage
"Driver Booster_is1" = Driver Booster 3.3
"Easy Macro Recorder_is1" = Easy Macro Recorder 4.51
"Fotor" = Fotor 2.0.2
"Game Booster_is1" = Game Booster 3
"HandyUpdater" = Handy Updater
"IcoFX_is1" = IcoFX 1.6.4
"iFreeUp_is1" = iFreeUp 1.0
"IObit Malware Fighter_is1" = IObit Malware Fighter 3
"IObit Surfing Protection_is1" = Surfing Protection
"IObitUninstall" = IObit Uninstaller
"IrfanView" = IrfanView (remove only)
"IsoBuster_is1" = IsoBuster 3.5
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Firefox 46.0.1 (x86 cs)" = Mozilla Firefox 46.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MV2Player" = MV2Player (remove only)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Opera 12.16.1860" = Opera 12.16
"Origin" = Origin
"Recepty doma_is1" = Recepty doma
"Smart Defrag_is1" = Smart Defrag 5
"StrongDC++" = StrongDC++ 2.41
"The Sims 4 Deluxe Edition 1.0.0" = The Sims 4 Deluxe Edition
"TS3 Install Helper Monkey" = TS3 Install Helper Monkey
"VLC media player" = VLC media player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4097007782-1966444928-4019047729-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"HP Photo Creations" = HP Photo Creations
"OneDriveSetup.exe" = Microsoft OneDrive
"PhotoFiltre 7" = PhotoFiltre 7
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 5/25/2016 8:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 9:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 10:21:17 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 11:21:18 AM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 12:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 1:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 2:21:18 PM | Computer Name = gabi-PC | Source = Software Protection Platform Service | ID = 8193
Description = Plánovac aktivace licence (sppuinotify.dll) byl ukoncen s následujícím
kódem chyby: 0x80070005
Error - 5/25/2016 3:14:56 PM | Computer Name = gabi-PC | Source = Winlogon | ID = 4103
Description = Aktivace licence systému Windows se nezdarila. Chyba 0x80070005.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota retezce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostredkovatele cítace rozšírení. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové cásti. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje tretí hodnota DWORD datové cásti.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Hodnota retezce výkonu v registru výkonu je poškozena, pokud proces
Performance zprostredkovatele cítace rozšírení. Hodnotu BaseIndex z registru výkonu
obsahuje první hodnota DWORD datové cásti. Hodnotu LastCounter obsahuje druhá hodnota
DWORD a hodnotu LastHelp obsahuje tretí hodnota DWORD datové cásti.
Error - 5/25/2016 3:20:57 PM | Computer Name = gabi-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
Description = Uvolnení retezcu cítacu výkonu pro službu WmiApRpl (WmiApRpl) se nezdarilo.
První hodnota DWORD v datové oblasti obsahuje kód chyby.
[ Media Center Events ]
Error - 5/21/2016 3:38:51 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 3:38:51 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/21/2016 9:48:27 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:48:27 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/21/2016 9:32:18 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:32:18 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/22/2016 9:33:54 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:33:54 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/22/2016 9:56:35 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:56:35 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/23/2016 9:31:37 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:31:37 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/23/2016 9:16:23 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:16:23 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/24/2016 9:29:15 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:29:15 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/24/2016 9:25:42 PM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:25:42 PM - Failed to retrieve nettv (Error: PackageName is invalid.)
Error - 5/25/2016 9:23:05 AM | Computer Name = gabi-PC | Source = MCUpdate | ID = 0
Description = 9:23:05 AM - Failed to retrieve nettv (Error: PackageName is invalid.)
[ System Events ]
Error - 5/24/2016 11:33:26 AM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladace pro spouštení pocítace nebo systému
se nezdarilo: VDiskBus
Error - 5/24/2016 11:35:27 AM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7023
Description = Služba PnP-X IP Bus Enumerator byla ukoncena s následující chybou:
%%-2147023728
Error - 5/24/2016 12:21:16 PM | Computer Name = gabi-PC | Source = DCOM | ID = 10001
Description =
Error - 5/25/2016 3:53:46 AM | Computer Name = gabi-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =
Error - 5/25/2016 11:56:43 AM | Computer Name = gabi-PC | Source = cdrom | ID = 262155
Description = Ovladac zjistil chybu radice na \Device\CdRom0.
Error - 5/25/2016 12:21:18 PM | Computer Name = gabi-PC | Source = DCOM | ID = 10001
Description =
Error - 5/25/2016 3:14:57 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7001
Description = Služba Remote Access Connection Manager závisí na službe Secure Socket
Tunneling Protocol Service, která neuspela pri spuštení v dusledku následující
chyby: %%0
Error - 5/25/2016 3:14:57 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7001
Description = Služba Internet Connection Sharing (ICS) závisí na službe Remote Access
Connection Manager, která neuspela pri spuštení v dusledku následující chyby: %%1068
Error - 5/25/2016 3:15:00 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladace pro spouštení pocítace nebo systému
se nezdarilo: VDiskBus
Error - 5/25/2016 3:17:00 PM | Computer Name = gabi-PC | Source = Service Control Manager | ID = 7023
Description = Služba PnP-X IP Bus Enumerator byla ukoncena s následující chybou:
%%-2147023728
< End of report >
Přispějete na provoz fóra?