Logfile of random's system information tool 1.10 (written by random/random)
Run by Dom at 2018-02-10 18:23:55
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (40%) free of 57 GB
Total RAM: 1014 MB (26% free)
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-09 246120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Dom\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe [2014-01-28 135160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-10 18:24:05 ----D---- C:\Program Files\trend micro
2018-02-10 18:23:55 ----D---- C:\rsit
2018-02-10 17:47:14 ----D---- C:\ProgramData\SWCUTemp
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpudd.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpcorets.dll
2018-02-09 22:31:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-02-09 22:31:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-02-09 22:28:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-02-09 22:28:35 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-09 22:28:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-02-09 22:28:26 ----A---- C:\Windows\system32\wksprtPS.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-02-09 22:28:24 ----A---- C:\Windows\system32\tsgqec.dll
2018-02-09 22:28:23 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-02-09 22:28:23 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-02-09 22:28:22 ----A---- C:\Windows\system32\wksprt.exe
2018-02-09 22:28:20 ----A---- C:\Windows\system32\mstsc.exe
2018-02-09 22:28:16 ----A---- C:\Windows\system32\mstscax.dll
2018-02-09 22:04:22 ----A---- C:\Windows\system32\appraiser.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\generaltel.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\aeinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\devinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\centel.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\acmigration.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\invagent.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aitstatic.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aepic.dll
2018-02-09 16:36:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-02-09 16:36:35 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-02-09 16:36:34 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-02-05 21:40:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-02-02 17:21:49 ----A---- C:\Windows\system32\drivers\staport.sys
2018-02-02 17:17:52 ----A---- C:\Windows\system32\aswBoot.exe
2018-01-11 19:30:28 ----A---- C:\Windows\system32\drivers\aswSP.sys
======List of files/folders modified in the last 1 month======
2018-02-10 18:28:51 ----D---- C:\Windows\Prefetch
2018-02-10 18:27:18 ----D---- C:\Windows\Temp
2018-02-10 18:24:05 ----RD---- C:\Program Files
2018-02-10 18:20:07 ----D---- C:\Windows\system32\config
2018-02-10 17:59:15 ----D---- C:\Windows\tracing
2018-02-10 17:47:14 ----HD---- C:\ProgramData
2018-02-10 16:50:46 ----D---- C:\Windows\winsxs
2018-02-10 16:50:42 ----D---- C:\Windows\System32
2018-02-10 16:48:56 ----SHD---- C:\System Volume Information
2018-02-10 15:56:38 ----D---- C:\Windows\rescache
2018-02-09 22:43:13 ----D---- C:\Windows\system32\appraiser
2018-02-09 22:43:12 ----D---- C:\Windows\system32\en-US
2018-02-09 22:43:12 ----D---- C:\Windows\system32\drivers
2018-02-09 22:43:12 ----D---- C:\Windows\PolicyDefinitions
2018-02-09 22:43:11 ----D---- C:\Windows\system32\wbem
2018-02-09 22:43:11 ----D---- C:\Windows\system32\drivers\en-US
2018-02-09 22:43:07 ----RSD---- C:\Windows\Fonts
2018-02-09 22:43:05 ----D---- C:\Windows\system32\DriverStore
2018-02-09 22:42:50 ----D---- C:\Windows\inf
2018-02-09 22:38:06 ----D---- C:\Windows\system32\catroot2
2018-02-09 21:45:47 ----D---- C:\Windows\system32\NDF
2018-02-09 17:07:57 ----D---- C:\Windows\system32\wfp
2018-02-09 17:07:53 ----D---- C:\Windows
2018-02-09 17:06:46 ----D---- C:\Windows\system32\Boot
2018-02-09 17:06:38 ----D---- C:\Windows\registration
2018-02-08 21:18:19 ----SHD---- C:\Windows\Installer
2018-02-02 22:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-02 17:21:31 ----D---- C:\Windows\system32\Tasks
2018-02-02 17:15:02 ----D---- C:\Windows\Tasks
2018-02-02 17:13:58 ----D---- C:\Windows\system32\drivers\etc
2018-01-28 11:22:36 ----D---- C:\Windows\Microsoft.NET
2018-01-28 10:18:13 ----SHD---- C:\Config.Msi
2018-01-23 19:02:26 ----D---- C:\Windows\debug
2018-01-12 18:34:10 ----RSD---- C:\Windows\assembly
2018-01-12 18:21:15 ----D---- C:\Windows\system32\MRT
2018-01-12 18:13:29 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-12 18:12:37 ----AC---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-09 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-09 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-09 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-09 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-09 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-09 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-09 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-09 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-20 39752]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-09 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-09 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-09 151328]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-09 42824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 37064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-09 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-09 5906816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Storitev Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-26 1045256]
S3 gupdatem;Storitev Posodobitve za Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zpomaleny pc prosim o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpomaleny pc prosim o kontrolu
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Zdravím!
Jak je na tom váš oper. systém s legalitou?
Jak je na tom váš oper. systém s legalitou?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomaleny pc prosim o kontrolu
Zdravim. neviem, som laik, kupil som ho pred 5 rokmi ako pouzity. Ako by som to mohol zistit? Dakujem
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Zjistíme snadno. Udělejte tento sken:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
a klikněte na >Prohledat<. Dejte oba logy.CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomaleny pc prosim o kontrolu
OTL logfile created on: 10.2.2018 21:05:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.02.10 21:01:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Favorites\Downloads\OTL.exe
PRC - [2018.02.01 06:58:33 | 001,453,400 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2018.01.11 19:53:57 | 011,078,336 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.01.09 20:00:28 | 000,301,168 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.01.09 20:00:05 | 005,906,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe
PRC - [2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
========== Modules (No Company Name) ==========
MOD - [2018.02.01 06:58:41 | 002,407,256 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\64.0.3282.140\swiftshader\libglesv2.dll
MOD - [2018.02.01 06:58:40 | 000,115,032 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\64.0.3282.140\swiftshader\libegl.dll
MOD - [2018.01.09 20:00:48 | 000,289,272 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2018.01.09 20:00:34 | 000,206,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2018.01.09 20:00:29 | 000,058,016 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\module_lifetime.dll
MOD - [2018.01.09 20:00:28 | 000,057,504 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\dll_loader.dll
MOD - [2018.01.09 19:59:52 | 000,282,560 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017.08.20 19:46:20 | 067,109,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010.01.09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - [2018.01.09 20:00:28 | 000,301,168 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2018.01.09 20:00:05 | 005,906,816 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe -- (aswbIDSAgent)
SRV - [2018.01.01 03:00:09 | 001,004,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2017.12.29 19:03:40 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2017.07.18 09:35:52 | 000,317,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016.08.21 14:05:24 | 000,935,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.06.15 14:11:45 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.01.26 20:02:20 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.03.25 14:00:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.01.21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2018.01.11 19:23:55 | 000,390,256 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2018.01.11 19:23:22 | 000,123,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2018.01.09 20:01:42 | 000,151,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2018.01.09 20:01:41 | 000,294,680 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2018.01.09 20:01:40 | 000,158,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswArPot.sys -- (aswArPot)
DRV - [2018.01.09 20:01:40 | 000,070,832 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2018.01.09 20:01:40 | 000,042,824 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2018.01.09 20:01:39 | 000,099,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2018.01.09 20:00:16 | 000,783,104 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2018.01.09 19:59:53 | 000,118,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2018.01.09 19:59:49 | 000,050,344 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbunivx.sys -- (aswbuniv)
DRV - [2018.01.09 19:59:48 | 000,276,696 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswblogx.sys -- (aswblog)
DRV - [2018.01.09 19:59:48 | 000,255,584 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswbidsdriverx.sys -- (aswbidsdriver)
DRV - [2018.01.09 19:59:48 | 000,157,376 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbidshx.sys -- (aswbidsh)
DRV - [2017.08.20 19:40:37 | 000,039,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013.10.02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013.02.22 02:50:36 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011.08.17 08:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 08:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 08:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MSERT1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sl-SI
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 EF B4 5B FC 99 D3 01 [binary data]
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 37 EB 5D AD 95 1D D2 01 [binary data]
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... FA_enSI476
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{ED972086-F288-44F7-88AB-C2765C1AAD91}: "URL" = http://www.google.com/search?q={searchT ... FA_enSI476
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\10.2.0.9950_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E39BB7F-EE1C-468C-8C4D-98138083C35A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDAA38B7-F7E2-445E-B59A-F1FFE5C9D71A}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2018.02.10 18:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2018.02.10 18:23:55 | 000,000,000 | ---D | C] -- C:\rsit
[2018.02.10 17:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2018.02.10 14:04:59 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2018.02.10 14:04:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2018.02.10 14:04:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2018.02.09 22:31:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2018.02.09 22:31:21 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2018.02.09 22:28:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2018.02.09 22:28:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2018.02.09 22:28:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2018.02.09 22:28:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2018.02.09 22:28:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2018.02.09 22:28:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2018.02.09 22:28:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2018.02.09 22:28:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdvidcrl.dll
[2018.02.09 22:28:23 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2018.02.09 22:28:22 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2018.02.09 22:04:22 | 001,314,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2018.02.09 22:04:21 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2018.02.09 22:04:21 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2018.02.09 22:04:20 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2018.02.09 22:04:20 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\centel.dll
[2018.02.09 22:04:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2018.02.09 22:04:19 | 001,893,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2018.02.09 22:04:19 | 000,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2018.02.09 22:04:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2018.02.09 22:04:19 | 000,117,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2018.02.09 16:36:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDAZEL.DLL
[2018.02.09 16:36:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdgeoqw.dll
[2018.02.09 16:36:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDAZE.DLL
[2018.02.02 17:17:52 | 000,305,840 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2018.02.10 21:31:10 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2018.02.10 21:24:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2018.02.10 19:01:11 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
[2018.02.10 18:25:40 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:25:39 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:05:50 | 000,007,601 | ---- | M] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
[2018.02.10 17:46:24 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2018.02.10 17:46:19 | 000,408,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2018.02.10 17:46:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.02.10 17:45:43 | 797,536,256 | -HS- | M] () -- C:\hiberfil.sys
[2018.02.10 16:01:04 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2018.02.08 20:18:10 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.02.02 22:07:50 | 000,654,366 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2018.02.02 22:07:50 | 000,122,238 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2018.02.02 17:22:40 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2018.02.02 17:21:49 | 000,040,584 | ---- | M] () -- C:\Windows\System32\drivers\staport.sys
[2018.01.22 00:42:42 | 000,117,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2018.01.22 00:20:43 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2018.01.19 15:05:32 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2018.01.19 15:05:32 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2018.01.19 15:05:31 | 001,893,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2018.01.19 15:05:31 | 001,314,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2018.01.19 15:05:31 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2018.01.19 15:05:31 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\centel.dll
[2018.01.19 15:05:31 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2018.01.19 15:05:31 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2018.01.12 18:13:29 | 126,487,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRT-KB890830.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ==========
[2018.02.10 21:24:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2018.02.05 21:40:22 | 000,408,192 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2018.02.02 17:21:49 | 000,040,584 | ---- | C] () -- C:\Windows\System32\drivers\staport.sys
[2017.09.13 22:09:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014.07.11 20:09:36 | 000,007,601 | ---- | C] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018.01.01 03:00:12 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2015.06.03 10:29:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVAST Software
[2012.03.24 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVG2012
[2014.04.08 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\EZDownloader
[2015.01.26 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenCandy
[2013.02.28 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Systweak
[2015.01.26 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2015.01.26 19:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2015.03.02 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(15).TXT
[2009.07.14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(16).TXT
[2009.07.14 05:53:46 | 000,032,596 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.04.21 18:50:06 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.06 17:51:18 | 000,001,084 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2012.07.06 17:51:20 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_5432df58f129e196\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2018.01.01 02:54:22 | 000,198,888 | ---- | M] (Microsoft Corporation) MD5=489319C3AA2552031378BAE21BEFBEF3 -- C:\Windows\System32\hal.dll
[2018.01.01 02:54:22 | 000,198,888 | ---- | M] (Microsoft Corporation) MD5=489319C3AA2552031378BAE21BEFBEF3 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.24000_none_adc07862d105ccd6\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2017.05.30 05:39:05 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C25848DB4A86839A7EDD1077F62AD980 -- C:\Windows\System32\drivers\tcpip.sys
[2017.05.30 05:39:05 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C25848DB4A86839A7EDD1077F62AD980 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23821_none_b5a11e7addd0f747\tcpip.sys
[2017.04.04 16:25:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7CF3C1D1EC800230E5FE658C77FC9CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23761_none_b575dce4ddf169e4\tcpip.sys
[2016.07.07 16:20:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7E41209132B9CF084CCEA8593F61328 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_b55a68e0de0544f5\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014.04.05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014.07.16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[34 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\40290DB32DD640B8C1415097A25866E6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\40290DB32DD640B8C1415097A25866E6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\B18619B48098325B034F37896A94FC33\*.tmp files -> C:\Windows\SoftwareDistribution\Download\B18619B48098325B034F37896A94FC33\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\EB82ED8509870615CD91B6E8A44703AA\*.tmp files -> C:\Windows\SoftwareDistribution\Download\EB82ED8509870615CD91B6E8A44703AA\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.03.24 18:35:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Adobe
[2015.06.03 10:29:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVAST Software
[2012.03.24 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVG2012
[2016.03.03 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\dvdcss
[2014.04.08 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\EZDownloader
[2012.03.24 18:49:04 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Google
[2012.03.24 11:30:27 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Identities
[2012.03.24 18:35:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Macromedia
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Media Center Programs
[2016.09.08 16:00:02 | 000,000,000 | --SD | M] -- C:\Users\Dom\AppData\Roaming\Microsoft
[2015.01.26 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenCandy
[2017.10.05 18:58:12 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Skype
[2013.02.28 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Systweak
[2015.01.26 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2015.01.26 19:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2015.03.02 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2017.01.29 18:03:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2015.01.26 19:34:40 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Dom\AppData\Roaming\OpenCandy\OpenCandy_C69AEC0E658A4544B1CB9581B576684B\TuneUpUtilities2014WORLDW15D_en-US.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2018.02.11 00:31:05 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2018.02.10 16:01:04 | 000,001,084 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2018.02.10 22:01:12 | 000,001,106 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[16 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[16 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
< %systemroot%\system32\*.* /3 >
[2018.02.10 18:25:39 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:25:40 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 17:46:19 | 000,408,192 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2018.02.10 17:46:24 | 000,016,384 | ---- | M] () -- C:\Windows\system32\Ikeext.etl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2017.12.30 07:42:13 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=D8FA1F3BA06E68DEEA49CF2050049E59 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2018.02.01 06:58:33 | 001,453,400 | ---- | M] (Google Inc.) MD5=7442C0219E611FD50A8CBAAAA972AE8F -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2018.02.10 21:24:24 | 000,000,512 | ---- | M] () MD5=386983426DF66994ACBCBBC0B874A855 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2009.08.30 14:15:42 | 006,676,864 | ---- | M] () -- \Users\Dom\Desktop\New Folder (2)\tehno - dance-freestyle-house-euro-trance-techno - dj crack - progressive attack (1).mp3
< *keygen* /s >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2018.02.10 21:01:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dom\Favorites\Downloads\OTL.exe
PRC - [2018.02.01 06:58:33 | 001,453,400 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2018.01.11 19:53:57 | 011,078,336 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2018.01.09 20:00:28 | 000,301,168 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2018.01.09 20:00:05 | 005,906,816 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe
PRC - [2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2012.11.23 03:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
========== Modules (No Company Name) ==========
MOD - [2018.02.01 06:58:41 | 002,407,256 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\64.0.3282.140\swiftshader\libglesv2.dll
MOD - [2018.02.01 06:58:40 | 000,115,032 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\64.0.3282.140\swiftshader\libegl.dll
MOD - [2018.01.09 20:00:48 | 000,289,272 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2018.01.09 20:00:34 | 000,206,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2018.01.09 20:00:29 | 000,058,016 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\module_lifetime.dll
MOD - [2018.01.09 20:00:28 | 000,057,504 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\dll_loader.dll
MOD - [2018.01.09 19:59:52 | 000,282,560 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2017.08.20 19:46:20 | 067,109,376 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2010.01.09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV - [2018.01.09 20:00:28 | 000,301,168 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2018.01.09 20:00:05 | 005,906,816 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe -- (aswbIDSAgent)
SRV - [2018.01.01 03:00:09 | 001,004,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2017.12.29 19:03:40 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2017.07.18 09:35:52 | 000,317,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016.08.21 14:05:24 | 000,935,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.06.15 14:11:45 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.01.26 20:02:20 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013.05.27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.03.25 14:00:19 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.01.21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2018.01.11 19:23:55 | 000,390,256 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2018.01.11 19:23:22 | 000,123,880 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2018.01.09 20:01:42 | 000,151,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2018.01.09 20:01:41 | 000,294,680 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2018.01.09 20:01:40 | 000,158,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswArPot.sys -- (aswArPot)
DRV - [2018.01.09 20:01:40 | 000,070,832 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2018.01.09 20:01:40 | 000,042,824 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2018.01.09 20:01:39 | 000,099,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2018.01.09 20:00:16 | 000,783,104 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2018.01.09 19:59:53 | 000,118,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV - [2018.01.09 19:59:49 | 000,050,344 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbunivx.sys -- (aswbuniv)
DRV - [2018.01.09 19:59:48 | 000,276,696 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswblogx.sys -- (aswblog)
DRV - [2018.01.09 19:59:48 | 000,255,584 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswbidsdriverx.sys -- (aswbidsdriver)
DRV - [2018.01.09 19:59:48 | 000,157,376 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\System32\drivers\aswbidshx.sys -- (aswbidsh)
DRV - [2017.08.20 19:40:37 | 000,039,752 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2013.10.02 01:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013.02.22 02:50:36 | 000,037,064 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss6.sys -- (taphss6)
DRV - [2012.08.23 15:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2011.08.17 08:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011.08.17 08:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011.08.17 08:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011.08.17 08:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.13 23:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTer ... &pc=MSERT1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/de-de/?ocid=iehp
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sl-SI
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 51 EF B4 5B FC 99 D3 01 [binary data]
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 37 EB 5D AD 95 1D D2 01 [binary data]
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?FORM=UP97DF& ... -SearchBox
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... FA_enSI476
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\..\SearchScopes\{ED972086-F288-44F7-88AB-C2765C1AAD91}: "URL" = http://www.google.com/search?q={searchT ... FA_enSI476
IE - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Dom\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\10.2.0.9950_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Dom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6417.1211.0.0_0\
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E39BB7F-EE1C-468C-8C4D-98138083C35A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDAA38B7-F7E2-445E-B59A-F1FFE5C9D71A}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2018.02.10 18:24:05 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2018.02.10 18:23:55 | 000,000,000 | ---D | C] -- C:\rsit
[2018.02.10 17:47:14 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2018.02.10 14:04:59 | 002,746,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2018.02.10 14:04:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2018.02.10 14:04:59 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2018.02.09 22:31:44 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2018.02.09 22:31:21 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2018.02.09 22:28:47 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2018.02.09 22:28:35 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2018.02.09 22:28:29 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2018.02.09 22:28:26 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2018.02.09 22:28:26 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2018.02.09 22:28:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2018.02.09 22:28:24 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2018.02.09 22:28:23 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdvidcrl.dll
[2018.02.09 22:28:23 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2018.02.09 22:28:22 | 000,350,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2018.02.09 22:04:22 | 001,314,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2018.02.09 22:04:21 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2018.02.09 22:04:21 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2018.02.09 22:04:20 | 000,508,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2018.02.09 22:04:20 | 000,337,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\centel.dll
[2018.02.09 22:04:20 | 000,212,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2018.02.09 22:04:19 | 001,893,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2018.02.09 22:04:19 | 000,311,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2018.02.09 22:04:19 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2018.02.09 22:04:19 | 000,117,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2018.02.09 16:36:36 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDAZEL.DLL
[2018.02.09 16:36:35 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kbdgeoqw.dll
[2018.02.09 16:36:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\KBDAZE.DLL
[2018.02.02 17:17:52 | 000,305,840 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2018.02.10 21:31:10 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2018.02.10 21:24:24 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2018.02.10 19:01:11 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
[2018.02.10 18:25:40 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:25:39 | 000,020,880 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:05:50 | 000,007,601 | ---- | M] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
[2018.02.10 17:46:24 | 000,016,384 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2018.02.10 17:46:19 | 000,408,192 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2018.02.10 17:46:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.02.10 17:45:43 | 797,536,256 | -HS- | M] () -- C:\hiberfil.sys
[2018.02.10 16:01:04 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2018.02.08 20:18:10 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2018.02.02 22:07:50 | 000,654,366 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2018.02.02 22:07:50 | 000,122,238 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2018.02.02 17:22:40 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2018.02.02 17:21:49 | 000,040,584 | ---- | M] () -- C:\Windows\System32\drivers\staport.sys
[2018.01.22 00:42:42 | 000,117,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2018.01.22 00:20:43 | 000,533,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2018.01.19 15:05:32 | 000,594,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2018.01.19 15:05:32 | 000,311,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2018.01.19 15:05:31 | 001,893,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aitstatic.exe
[2018.01.19 15:05:31 | 001,314,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2018.01.19 15:05:31 | 000,508,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2018.01.19 15:05:31 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\centel.dll
[2018.01.19 15:05:31 | 000,212,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2018.01.19 15:05:31 | 000,190,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2018.01.12 18:13:29 | 126,487,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MRT-KB890830.exe
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
========== Files Created - No Company Name ==========
[2018.02.10 21:24:24 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2018.02.05 21:40:22 | 000,408,192 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2018.02.02 17:21:49 | 000,040,584 | ---- | C] () -- C:\Windows\System32\drivers\staport.sys
[2017.09.13 22:09:18 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2014.07.11 20:09:36 | 000,007,601 | ---- | C] () -- C:\Users\Dom\AppData\Local\Resmon.ResmonCfg
========== ZeroAccess Check ==========
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2018.01.01 03:00:12 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2015.06.03 10:29:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVAST Software
[2012.03.24 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVG2012
[2014.04.08 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\EZDownloader
[2015.01.26 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenCandy
[2013.02.28 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Systweak
[2015.01.26 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2015.01.26 19:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2015.03.02 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(15).TXT
[2009.07.14 05:53:46 | 000,032,558 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU(16).TXT
[2009.07.14 05:53:46 | 000,032,596 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.04.21 18:50:06 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.07.06 17:51:18 | 000,001,084 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2012.07.06 17:51:20 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2009.07.14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010.11.20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2009.07.14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010.11.20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\explorer.exe
[2016.08.29 15:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_5432df58f129e196\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2018.01.01 02:54:22 | 000,198,888 | ---- | M] (Microsoft Corporation) MD5=489319C3AA2552031378BAE21BEFBEF3 -- C:\Windows\System32\hal.dll
[2018.01.01 02:54:22 | 000,198,888 | ---- | M] (Microsoft Corporation) MD5=489319C3AA2552031378BAE21BEFBEF3 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.24000_none_adc07862d105ccd6\hal.dll
[2009.07.14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll
< MD5 for: SCECLI.DLL >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
< MD5 for: SERVICES.EXE >
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015.04.13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009.07.14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015.04.11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
< MD5 for: TCPIP.SYS >
[2011.04.25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011.09.29 17:02:44 | 001,301,872 | ---- | M] (Microsoft Corporation) MD5=22F7E7CBCA308DEE3428B097D4F8A61C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21060_none_b38e8546e0cbe4a1\tcpip.sys
[2012.08.22 18:05:21 | 001,306,992 | ---- | M] (Microsoft Corporation) MD5=23790A44D9A6B67F8690C34D4F516446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22097_none_b55b785ade04500f\tcpip.sys
[2011.04.25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009.07.14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013.01.03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010.11.20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2011.09.29 17:17:18 | 001,303,920 | ---- | M] (Microsoft Corporation) MD5=3C1C41E317710F74CEC1E7F0D5325993 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_b5a84e10ddca7566\tcpip.sys
[2013.01.04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013.07.06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013.07.06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014.04.05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2012.03.30 11:29:05 | 001,287,024 | ---- | M] (Microsoft Corporation) MD5=55E9965552741F3850CB22CBBA9671ED -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16986_none_b2f57423c7b8dea8\tcpip.sys
[2011.09.29 16:43:37 | 001,285,488 | ---- | M] (Microsoft Corporation) MD5=56C198AC82EFA622DD93E9E43575F79C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16889_none_b2f8731bc7b62d86\tcpip.sys
[2013.05.08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2011.09.29 17:03:04 | 001,290,608 | ---- | M] (Microsoft Corporation) MD5=65D10B191C59C5501A1263FC33F6894B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_b4d1ffa1c4e682b5\tcpip.sys
[2013.09.07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011.04.25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013.01.03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2012.03.30 11:23:11 | 001,291,632 | ---- | M] (Microsoft Corporation) MD5=7FA2E0F8B072BD04B77B421480B6CC22 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17802_none_b52e5147c4a202d7\tcpip.sys
[2011.04.25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2012.03.30 10:04:23 | 001,306,480 | ---- | M] (Microsoft Corporation) MD5=88FCDB9923EFECA207B3CEBD24407126 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21954_none_b583df0adde66104\tcpip.sys
[2012.08.22 18:16:54 | 001,292,144 | ---- | M] (Microsoft Corporation) MD5=A5EBB8F648000E88B7D9390B514976BF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17939_none_b514e56fc4b40532\tcpip.sys
[2013.01.04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2017.05.30 05:39:05 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C25848DB4A86839A7EDD1077F62AD980 -- C:\Windows\System32\drivers\tcpip.sys
[2017.05.30 05:39:05 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C25848DB4A86839A7EDD1077F62AD980 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23821_none_b5a11e7addd0f747\tcpip.sys
[2017.04.04 16:25:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7CF3C1D1EC800230E5FE658C77FC9CA -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23761_none_b575dce4ddf169e4\tcpip.sys
[2016.07.07 16:20:44 | 001,309,928 | ---- | M] (Microsoft Corporation) MD5=C7E41209132B9CF084CCEA8593F61328 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_b55a68e0de0544f5\tcpip.sys
[2013.09.08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013.05.08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012.10.03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013.11.26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012.10.03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2012.03.30 11:08:19 | 001,303,408 | ---- | M] (Microsoft Corporation) MD5=E47C2844A1605A44178F4281E4D58B3D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21178_none_b38bb990e0ccc871\tcpip.sys
[2014.04.05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014.07.16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014.07.17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014.03.04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014.03.04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe
< >
< %systemroot%*.* /U /s >
[34 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[16 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\40290DB32DD640B8C1415097A25866E6\*.tmp files -> C:\Windows\SoftwareDistribution\Download\40290DB32DD640B8C1415097A25866E6\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\B18619B48098325B034F37896A94FC33\*.tmp files -> C:\Windows\SoftwareDistribution\Download\B18619B48098325B034F37896A94FC33\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\EB82ED8509870615CD91B6E8A44703AA\*.tmp files -> C:\Windows\SoftwareDistribution\Download\EB82ED8509870615CD91B6E8A44703AA\*.tmp -> ]
[16 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2012.03.24 18:35:30 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Adobe
[2015.06.03 10:29:06 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVAST Software
[2012.03.24 16:02:18 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\AVG2012
[2016.03.03 17:07:24 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\dvdcss
[2014.04.08 18:46:41 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\EZDownloader
[2012.03.24 18:49:04 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Google
[2012.03.24 11:30:27 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Identities
[2012.03.24 18:35:31 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Macromedia
[2009.07.14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Media Center Programs
[2016.09.08 16:00:02 | 000,000,000 | --SD | M] -- C:\Users\Dom\AppData\Roaming\Microsoft
[2015.01.26 19:30:49 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\OpenCandy
[2017.10.05 18:58:12 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Skype
[2013.02.28 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\Systweak
[2015.01.26 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TeamViewer
[2015.01.26 19:37:34 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\TuneUp Software
[2015.03.02 17:48:47 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\uTorrent
[2017.01.29 18:03:25 | 000,000,000 | ---D | M] -- C:\Users\Dom\AppData\Roaming\vlc
< %APPDATA%\*.exe /s >
[2015.01.26 19:34:40 | 028,369,720 | ---- | M] (TuneUp Software) -- C:\Users\Dom\AppData\Roaming\OpenCandy\OpenCandy_C69AEC0E658A4544B1CB9581B576684B\TuneUpUtilities2014WORLDW15D_en-US.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2018.02.11 00:31:05 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2018.02.10 16:01:04 | 000,001,084 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job
[2018.02.10 22:01:12 | 000,001,106 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[16 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
[16 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
< %systemroot%\system32\*.* /3 >
[2018.02.10 18:25:39 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 18:25:40 | 000,020,880 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2018.02.10 17:46:19 | 000,408,192 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2018.02.10 17:46:24 | 000,016,384 | ---- | M] () -- C:\Windows\system32\Ikeext.etl
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2017.12.30 07:42:13 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=D8FA1F3BA06E68DEEA49CF2050049E59 -- C:\Program Files\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2018.02.01 06:58:33 | 001,453,400 | ---- | M] (Google Inc.) MD5=7442C0219E611FD50A8CBAAAA972AE8F -- C:\Program Files\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2018.02.10 21:24:24 | 000,000,512 | ---- | M] () MD5=386983426DF66994ACBCBBC0B874A855 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2009.08.30 14:15:42 | 006,676,864 | ---- | M] () -- \Users\Dom\Desktop\New Folder (2)\tehno - dance-freestyle-house-euro-trance-techno - dj crack - progressive attack (1).mp3
< *keygen* /s >
Ako sa do hory volá, taká Katka
Re: Zpomaleny pc prosim o kontrolu
< *loader* /s >
[2018.01.09 20:00:27 | 000,261,600 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2018.01.09 20:00:28 | 000,057,504 | ---- | M] () -- \Program Files\AVAST Software\Avast\dll_loader.dll
[9 \Program Files\AVAST Software\Avast\*.tmp files -> \Program Files\AVAST Software\Avast\*.tmp -> ]
[2018.02.02 17:16:42 | 000,018,744 | ---- | M] () -- \Program Files\AVAST Software\Avast\Setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.06.13 15:23:31 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.609\resources\bundled_extensions\video-downloader.crx
[2017.08.04 10:46:09 | 001,407,533 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\4.58.2552.909\resources\bundled_extensions\video-downloader.crx
[2017.08.04 10:46:09 | 001,407,533 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2009.10.22 01:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.10.22 01:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2017.08.03 08:04:42 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\Dom\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.343_0\skin\ajax-loader.gif
[2017.07.17 08:24:52 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\Dom\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.420_0\icons\loader.gif
[2017.08.03 08:04:42 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\Dom\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.343_0\skin\ajax-loader.gif
[2017.07.17 08:24:52 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\Dom\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.420_0\icons\loader.gif
[2018.01.07 16:52:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_cs-cz_35e2f702745cf3a5.manifest
[2018.01.07 16:51:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_da-dk_d31cd7296aa2efa4.manifest
[2018.01.07 16:52:36 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_de-de_d0486c656c79443e.manifest
[2018.01.07 16:53:07 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_el-gr_78de99f85b8eaccc.manifest
[2018.01.07 16:52:17 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_es-es_79049f425b7e41a8.manifest
[2018.01.07 16:51:16 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fi-fi_181fa3ef509833d2.manifest
[2018.01.07 16:51:43 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fr-fr_1bbc15414e50580a.manifest
[2018.01.07 16:51:59 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_hu-hu_632c958932b02726.manifest
[2018.01.07 16:52:52 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_it-it_05e40b8825823d88.manifest
[2018.01.07 16:53:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ja-jp_a8098a95189d4f63.manifest
[2018.01.07 16:54:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ko-kr_4b73674a0b0e1679.manifest
[2018.01.07 16:51:29 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nb-no_3405e87ee3334235.manifest
[2018.01.07 16:52:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nl-nl_324533bce45f4c0a.manifest
[2018.01.07 16:52:41 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pl-pl_78818e3ec981b9be.manifest
[2018.01.07 16:52:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-br_7ad578e2c80b4da2.manifest
[2018.01.07 16:51:56 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-pt_7bb7484ec77abd7e.manifest
[2018.01.07 16:53:12 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ru-ru_c25a5a12ac5c4baa.manifest
[2018.01.07 16:52:47 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_sv-se_5e554487a3855605.manifest
[2018.01.07 16:52:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_tr-tr_07628ece924157f6.manifest
[2018.01.07 16:54:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-cn_d8bfaccc42792a15.manifest
[2018.01.07 16:51:30 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-hk_d76aa55a43549ca5.manifest
[2018.01.07 16:55:22 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-tw_dcbbea223fea0685.manifest
[2018.01.07 16:51:52 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_cs-cz_43d5cdeeaf79a901.manifest
[2018.01.07 16:51:25 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_da-dk_e10fae15a5bfa500.manifest
[2018.01.07 16:52:27 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_de-de_de3b4351a795f99a.manifest
[2018.01.07 16:53:07 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_el-gr_86d170e496ab6228.manifest
[2018.01.07 16:28:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_en-us_872c194a9674055f.manifest
[2018.01.07 16:52:07 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_es-es_86f7762e969af704.manifest
[2018.01.07 16:51:16 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fi-fi_26127adb8bb4e92e.manifest
[2018.01.07 16:51:34 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fr-fr_29aeec2d896d0d66.manifest
[2018.01.07 16:51:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_hu-hu_711f6c756dccdc82.manifest
[2018.01.07 16:52:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_it-it_13d6e274609ef2e4.manifest
[2018.01.07 16:53:15 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ja-jp_b5fc618153ba04bf.manifest
[2018.01.07 16:54:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ko-kr_59663e36462acbd5.manifest
[2018.01.07 16:51:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nb-no_41f8bf6b1e4ff791.manifest
[2018.01.07 16:52:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nl-nl_40380aa91f7c0166.manifest
[2018.01.07 16:52:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pl-pl_8674652b049e6f1a.manifest
[2018.01.07 16:52:23 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-br_88c84fcf032802fe.manifest
[2018.01.07 16:51:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-pt_89aa1f3b029772da.manifest
[2018.01.07 16:53:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ru-ru_d04d30fee7790106.manifest
[2018.01.07 16:52:37 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_sv-se_6c481b73dea20b61.manifest
[2018.01.07 16:52:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_tr-tr_155565bacd5e0d52.manifest
[2018.01.07 16:54:24 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-cn_e6b283b87d95df71.manifest
[2018.01.07 16:51:30 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-hk_e55d7c467e715201.manifest
[2018.01.07 16:55:14 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-tw_eaaec10e7b06bbe1.manifest
[2018.01.07 16:51:05 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.24009_none_428f173ae1eab704.manifest
[2018.01.01 03:17:54 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_cs-cz_35d9f46874650f96.manifest
[2018.01.01 03:16:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_da-dk_d313d48f6aab0b95.manifest
[2018.01.01 03:16:52 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_de-de_d03f69cb6c81602f.manifest
[2018.01.01 03:18:16 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_el-gr_78d5975e5b96c8bd.manifest
[2018.01.01 03:04:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.01 03:18:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_es-es_78fb9ca85b865d99.manifest
[2018.01.01 03:16:48 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fi-fi_1816a15550a04fc3.manifest
[2018.01.01 03:18:04 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fr-fr_1bb312a74e5873fb.manifest
[2018.01.01 03:17:03 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_hu-hu_632392ef32b84317.manifest
[2018.01.01 03:18:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_it-it_05db08ee258a5979.manifest
[2018.01.01 03:19:41 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ja-jp_a80087fb18a56b54.manifest
[2018.01.01 03:18:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ko-kr_4b6a64b00b16326a.manifest
[2018.01.01 03:18:20 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nb-no_33fce5e4e33b5e26.manifest
[2018.01.01 03:17:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nl-nl_323c3122e46767fb.manifest
[2018.01.01 03:16:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pl-pl_78788ba4c989d5af.manifest
[2018.01.01 03:16:58 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-br_7acc7648c8136993.manifest
[2018.01.01 03:17:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-pt_7bae45b4c782d96f.manifest
[2018.01.01 03:18:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ru-ru_c2515778ac64679b.manifest
[2018.01.01 03:18:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_sv-se_5e4c41eda38d71f6.manifest
[2018.01.01 03:18:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_tr-tr_07598c34924973e7.manifest
[2018.01.01 03:19:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-cn_d8b6aa3242814606.manifest
[2018.01.01 03:16:29 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-hk_d761a2c0435cb896.manifest
[2018.01.01 03:20:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-tw_dcb2e7883ff22276.manifest
[2018.01.01 03:23:25 | 000,004,224 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.01 03:17:46 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_cs-cz_43cccb54af81c4f2.manifest
[2018.01.01 03:16:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_da-dk_e106ab7ba5c7c0f1.manifest
[2018.01.01 03:16:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_de-de_de3240b7a79e158b.manifest
[2018.01.01 03:18:15 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_el-gr_86c86e4a96b37e19.manifest
[2018.01.01 03:04:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_872316b0967c2150.manifest
[2018.01.01 03:18:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_es-es_86ee739496a312f5.manifest
[2018.01.01 03:16:48 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fi-fi_260978418bbd051f.manifest
[2018.01.01 03:17:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fr-fr_29a5e99389752957.manifest
[2018.01.01 03:16:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_hu-hu_711669db6dd4f873.manifest
[2018.01.01 03:18:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_it-it_13cddfda60a70ed5.manifest
[2018.01.01 03:19:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ja-jp_b5f35ee753c220b0.manifest
[2018.01.01 03:18:20 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ko-kr_595d3b9c4632e7c6.manifest
[2018.01.01 03:18:19 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nb-no_41efbcd11e581382.manifest
[2018.01.01 03:17:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nl-nl_402f080f1f841d57.manifest
[2018.01.01 03:16:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pl-pl_866b629104a68b0b.manifest
[2018.01.01 03:16:50 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-br_88bf4d3503301eef.manifest
[2018.01.01 03:16:59 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-pt_89a11ca1029f8ecb.manifest
[2018.01.01 03:18:17 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ru-ru_d0442e64e7811cf7.manifest
[2018.01.01 03:18:23 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_sv-se_6c3f18d9deaa2752.manifest
[2018.01.01 03:18:03 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_tr-tr_154c6320cd662943.manifest
[2018.01.01 03:19:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-cn_e6a9811e7d9dfb62.manifest
[2018.01.01 03:16:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-hk_e55479ac7e796df2.manifest
[2018.01.01 03:20:13 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-tw_eaa5be747b0ed7d2.manifest
[2018.01.01 03:23:29 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_428614a0e1f2d2f5.manifest
[2018.01.01 02:59:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2018.01.10 20:04:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.10 20:04:12 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4_winload.exe.mui_3bc5b827
[2018.01.10 20:04:12 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4_winresume.exe.mui_ff8b5358
[2018.01.10 20:04:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.10 20:04:10 | 000,535,656 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9_winload.exe_75835076
[2018.01.10 20:04:10 | 000,470,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.14 15:50:05 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2014.07.08 22:41:53 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_78973dd1424c57be.manifest
[2015.02.03 04:16:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b.manifest
[2015.08.04 18:52:22 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_en-us_7870d3e9426a0823.manifest
[2015.10.01 18:55:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9.manifest
[2014.07.08 22:41:44 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_79160c965b7210a0.manifest
[2014.12.13 02:50:09 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_793880ba5b57e9c9.manifest
[2015.01.12 23:09:31 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_791bdedc5b6e704a.manifest
[2015.01.16 07:23:55 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_791ddf705b6ca2f8.manifest
[2015.01.27 04:33:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_79083f985b7cdada.manifest
[2015.02.03 04:36:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_790d410a5b78598d.manifest
[2015.03.17 05:50:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_793257205b5d8501.manifest
[2015.04.27 20:04:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_790516dc5b7fc217.manifest
[2015.05.25 19:11:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_78e6a7ac5b964898.manifest
[2015.07.15 04:04:54 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_en-us_7920ba565b6a1f66.manifest
[2015.07.15 18:54:31 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_7915ea6a5b723b57.manifest
[2015.07.23 01:02:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_en-us_790719565b7df1ec.manifest
[2015.08.04 18:57:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_en-us_78fd49b45b852734.manifest
[2015.09.28 21:20:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23223_en-us_791dbb5e5b6cd088.manifest
[2015.10.01 18:48:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_en-us_7920bc3c5b6a1c8d.manifest
[2015.10.20 01:51:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_en-us_78fa4abc5b87d856.manifest
[2015.12.30 20:00:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_en-us_79288d305b64b1be.manifest
[2016.01.17 01:22:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_en-us_7913eda25b7402f7.manifest
[2016.01.22 07:11:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_en-us_7917eeca5b706853.manifest
[2016.02.10 19:34:25 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_en-us_790e1f285b779d9b.manifest
[2016.03.16 19:35:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_en-us_78d00d3c5ba75e98.manifest
[2016.03.17 23:34:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_en-us_78d10d865ba677ef.manifest
[2016.04.09 08:00:21 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_en-us_792d90885b602d98.manifest
[2016.09.02 16:23:56 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_en-us_7918f2e05b6f7bf8.manifest
[2016.09.09 19:06:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23543_en-us_790821385b7cffdf.manifest
[2016.10.07 16:19:33 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23569_en-us_78f8831c5b87cfcb.manifest
[2016.10.11 16:27:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23572_en-us_78e6b12a5b963a5b.manifest
[2017.02.09 17:21:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_78ebb4825b91b635.manifest
[2017.03.08 05:29:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23714_en-us_792995125b63bfb1.manifest
[2017.04.28 01:38:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_en-us_78d516465ba2d1e7.manifest
[2017.05.12 19:08:53 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23807_en-us_793767c25b58ecec.manifest
[2017.07.07 16:16:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23864_en-us_78f3875c5b8c488d.manifest
[2017.08.11 07:25:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23889_en-us_78e2e8f65b97ff22.manifest
[2017.09.13 16:15:03 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_en-us_792a99285b62d356.manifest
[2018.01.01 03:04:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.07 16:28:09 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_en-us_7939425e5b575003.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2014.08.19 04:02:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_5ced2dcdcb19ba9a.manifest
[2015.02.03 04:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.08.04 19:12:04 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_5cfed415cb0d11f8.manifest
[2015.10.01 19:21:33 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2014.08.19 04:09:35 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_5d67fb6ae4430e20.manifest
[2014.12.12 07:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015.01.12 04:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 07:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.01.27 04:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015.02.03 04:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 06:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.04.27 20:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015.05.25 19:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015.07.15 04:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 19:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015.07.23 01:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2015.08.04 19:18:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_5d8b49e0e4283109.manifest
[2015.09.28 21:46:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23223_none_5dabbb8ae40fda5d.manifest
[2015.10.01 19:05:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_5daebc68e40d2662.manifest
[2015.10.20 02:15:07 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23250_none_5d884ae8e42ae22b.manifest
[2015.12.30 20:23:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_5db68d5ce407bb93.manifest
[2016.01.17 01:43:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23334_none_5da1edcee4170ccc.manifest
[2016.01.22 07:39:54 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_5da5eef6e4137228.manifest
[2016.02.10 20:17:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23349_none_5d9c1f54e41aa770.manifest
[2016.03.16 20:02:45 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_5d5e0d68e44a686d.manifest
[2016.03.17 23:51:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_5d5f0db2e44981c4.manifest
[2016.04.09 08:16:41 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2016.09.02 16:45:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd.manifest
[2016.09.09 19:18:49 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23543_none_5d962164e42009b4.manifest
[2016.10.07 16:40:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23569_none_5d868348e42ad9a0.manifest
[2016.10.11 16:48:17 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23572_none_5d74b156e4394430.manifest
[2017.02.09 17:43:12 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_5d79b4aee434c00a.manifest
[2017.03.08 05:50:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23714_none_5db7953ee406c986.manifest
[2017.04.28 01:55:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_5d631672e445dbbc.manifest
[2017.05.12 19:30:22 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23807_none_5dc567eee3fbf6c1.manifest
[2017.07.07 16:29:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23864_none_5d818788e42f5262.manifest
[2017.08.11 07:47:12 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23889_none_5d70e922e43b08f7.manifest
[2017.09.13 16:37:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23915_none_5db89954e405dd2b.manifest
[2018.01.01 03:23:25 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.07 16:51:01 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24009_none_5dc7428ae3fa59d8.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2018.01.09 20:04:20 | 000,018,744 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 19:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 06:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 01:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 19:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.17 23:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.08 05:21:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23714_none_0d42cb02f32fdc7a\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.17 16:12:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23775_none_0d02ebc4f35f9d77\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.08.11 07:19:29 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23889_none_0cfc1ee6f3641beb\api-ms-win-core-libraryloader-l1-1-0.dll
[2018.01.01 02:59:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.24000_none_0d4975b4f32b88bd\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
[2018.01.09 20:00:27 | 000,261,600 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2018.01.09 20:00:28 | 000,057,504 | ---- | M] () -- \Program Files\AVAST Software\Avast\dll_loader.dll
[9 \Program Files\AVAST Software\Avast\*.tmp files -> \Program Files\AVAST Software\Avast\*.tmp -> ]
[2018.02.02 17:16:42 | 000,018,744 | ---- | M] () -- \Program Files\AVAST Software\Avast\Setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.06.13 15:23:31 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.609\resources\bundled_extensions\video-downloader.crx
[2017.08.04 10:46:09 | 001,407,533 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\4.58.2552.909\resources\bundled_extensions\video-downloader.crx
[2017.08.04 10:46:09 | 001,407,533 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2009.10.22 01:01:42 | 000,249,672 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2009.10.22 01:01:42 | 000,018,248 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2017.08.03 08:04:42 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\Dom\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.343_0\skin\ajax-loader.gif
[2017.07.17 08:24:52 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\Dom\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.420_0\icons\loader.gif
[2017.08.03 08:04:42 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\Dom\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.343_0\skin\ajax-loader.gif
[2017.07.17 08:24:52 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\Dom\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.420_0\icons\loader.gif
[2018.01.07 16:52:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_cs-cz_35e2f702745cf3a5.manifest
[2018.01.07 16:51:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_da-dk_d31cd7296aa2efa4.manifest
[2018.01.07 16:52:36 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_de-de_d0486c656c79443e.manifest
[2018.01.07 16:53:07 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_el-gr_78de99f85b8eaccc.manifest
[2018.01.07 16:52:17 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_es-es_79049f425b7e41a8.manifest
[2018.01.07 16:51:16 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fi-fi_181fa3ef509833d2.manifest
[2018.01.07 16:51:43 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fr-fr_1bbc15414e50580a.manifest
[2018.01.07 16:51:59 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_hu-hu_632c958932b02726.manifest
[2018.01.07 16:52:52 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_it-it_05e40b8825823d88.manifest
[2018.01.07 16:53:24 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ja-jp_a8098a95189d4f63.manifest
[2018.01.07 16:54:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ko-kr_4b73674a0b0e1679.manifest
[2018.01.07 16:51:29 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nb-no_3405e87ee3334235.manifest
[2018.01.07 16:52:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nl-nl_324533bce45f4c0a.manifest
[2018.01.07 16:52:41 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pl-pl_78818e3ec981b9be.manifest
[2018.01.07 16:52:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-br_7ad578e2c80b4da2.manifest
[2018.01.07 16:51:56 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-pt_7bb7484ec77abd7e.manifest
[2018.01.07 16:53:12 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ru-ru_c25a5a12ac5c4baa.manifest
[2018.01.07 16:52:47 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_sv-se_5e554487a3855605.manifest
[2018.01.07 16:52:51 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_tr-tr_07628ece924157f6.manifest
[2018.01.07 16:54:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-cn_d8bfaccc42792a15.manifest
[2018.01.07 16:51:30 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-hk_d76aa55a43549ca5.manifest
[2018.01.07 16:55:22 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-tw_dcbbea223fea0685.manifest
[2018.01.07 16:51:52 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_cs-cz_43d5cdeeaf79a901.manifest
[2018.01.07 16:51:25 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_da-dk_e10fae15a5bfa500.manifest
[2018.01.07 16:52:27 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_de-de_de3b4351a795f99a.manifest
[2018.01.07 16:53:07 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_el-gr_86d170e496ab6228.manifest
[2018.01.07 16:28:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_en-us_872c194a9674055f.manifest
[2018.01.07 16:52:07 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_es-es_86f7762e969af704.manifest
[2018.01.07 16:51:16 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fi-fi_26127adb8bb4e92e.manifest
[2018.01.07 16:51:34 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_fr-fr_29aeec2d896d0d66.manifest
[2018.01.07 16:51:51 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_hu-hu_711f6c756dccdc82.manifest
[2018.01.07 16:52:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_it-it_13d6e274609ef2e4.manifest
[2018.01.07 16:53:15 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ja-jp_b5fc618153ba04bf.manifest
[2018.01.07 16:54:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ko-kr_59663e36462acbd5.manifest
[2018.01.07 16:51:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nb-no_41f8bf6b1e4ff791.manifest
[2018.01.07 16:52:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_nl-nl_40380aa91f7c0166.manifest
[2018.01.07 16:52:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pl-pl_8674652b049e6f1a.manifest
[2018.01.07 16:52:23 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-br_88c84fcf032802fe.manifest
[2018.01.07 16:51:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_pt-pt_89aa1f3b029772da.manifest
[2018.01.07 16:53:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_ru-ru_d04d30fee7790106.manifest
[2018.01.07 16:52:37 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_sv-se_6c481b73dea20b61.manifest
[2018.01.07 16:52:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_tr-tr_155565bacd5e0d52.manifest
[2018.01.07 16:54:24 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-cn_e6b283b87d95df71.manifest
[2018.01.07 16:51:30 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-hk_e55d7c467e715201.manifest
[2018.01.07 16:55:14 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_zh-tw_eaaec10e7b06bbe1.manifest
[2018.01.07 16:51:05 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\2ad07665c8a5e17ac9c4caabdd732f9d\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.24009_none_428f173ae1eab704.manifest
[2018.01.01 03:17:54 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_cs-cz_35d9f46874650f96.manifest
[2018.01.01 03:16:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_da-dk_d313d48f6aab0b95.manifest
[2018.01.01 03:16:52 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_de-de_d03f69cb6c81602f.manifest
[2018.01.01 03:18:16 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_el-gr_78d5975e5b96c8bd.manifest
[2018.01.01 03:04:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.01 03:18:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_es-es_78fb9ca85b865d99.manifest
[2018.01.01 03:16:48 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fi-fi_1816a15550a04fc3.manifest
[2018.01.01 03:18:04 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fr-fr_1bb312a74e5873fb.manifest
[2018.01.01 03:17:03 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_hu-hu_632392ef32b84317.manifest
[2018.01.01 03:18:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_it-it_05db08ee258a5979.manifest
[2018.01.01 03:19:41 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ja-jp_a80087fb18a56b54.manifest
[2018.01.01 03:18:28 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ko-kr_4b6a64b00b16326a.manifest
[2018.01.01 03:18:20 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nb-no_33fce5e4e33b5e26.manifest
[2018.01.01 03:17:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nl-nl_323c3122e46767fb.manifest
[2018.01.01 03:16:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pl-pl_78788ba4c989d5af.manifest
[2018.01.01 03:16:58 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-br_7acc7648c8136993.manifest
[2018.01.01 03:17:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-pt_7bae45b4c782d96f.manifest
[2018.01.01 03:18:25 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ru-ru_c2515778ac64679b.manifest
[2018.01.01 03:18:32 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_sv-se_5e4c41eda38d71f6.manifest
[2018.01.01 03:18:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_tr-tr_07598c34924973e7.manifest
[2018.01.01 03:19:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-cn_d8b6aa3242814606.manifest
[2018.01.01 03:16:29 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-hk_d761a2c0435cb896.manifest
[2018.01.01 03:20:21 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-tw_dcb2e7883ff22276.manifest
[2018.01.01 03:23:25 | 000,004,224 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.01 03:17:46 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_cs-cz_43cccb54af81c4f2.manifest
[2018.01.01 03:16:42 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_da-dk_e106ab7ba5c7c0f1.manifest
[2018.01.01 03:16:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_de-de_de3240b7a79e158b.manifest
[2018.01.01 03:18:15 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_el-gr_86c86e4a96b37e19.manifest
[2018.01.01 03:04:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_872316b0967c2150.manifest
[2018.01.01 03:18:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_es-es_86ee739496a312f5.manifest
[2018.01.01 03:16:48 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fi-fi_260978418bbd051f.manifest
[2018.01.01 03:17:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_fr-fr_29a5e99389752957.manifest
[2018.01.01 03:16:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_hu-hu_711669db6dd4f873.manifest
[2018.01.01 03:18:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_it-it_13cddfda60a70ed5.manifest
[2018.01.01 03:19:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ja-jp_b5f35ee753c220b0.manifest
[2018.01.01 03:18:20 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ko-kr_595d3b9c4632e7c6.manifest
[2018.01.01 03:18:19 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nb-no_41efbcd11e581382.manifest
[2018.01.01 03:17:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_nl-nl_402f080f1f841d57.manifest
[2018.01.01 03:16:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pl-pl_866b629104a68b0b.manifest
[2018.01.01 03:16:50 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-br_88bf4d3503301eef.manifest
[2018.01.01 03:16:59 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_pt-pt_89a11ca1029f8ecb.manifest
[2018.01.01 03:18:17 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_ru-ru_d0442e64e7811cf7.manifest
[2018.01.01 03:18:23 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_sv-se_6c3f18d9deaa2752.manifest
[2018.01.01 03:18:03 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_tr-tr_154c6320cd662943.manifest
[2018.01.01 03:19:32 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-cn_e6a9811e7d9dfb62.manifest
[2018.01.01 03:16:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-hk_e55479ac7e796df2.manifest
[2018.01.01 03:20:13 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_zh-tw_eaa5be747b0ed7d2.manifest
[2018.01.01 03:23:29 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\4c20cc54d7045308f9d823b4275d6541\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_428614a0e1f2d2f5.manifest
[2018.01.01 02:59:58 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009.07.14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2018.01.10 20:04:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.10 20:04:12 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4_winload.exe.mui_3bc5b827
[2018.01.10 20:04:12 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4_winresume.exe.mui_ff8b5358
[2018.01.10 20:04:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.10 20:04:10 | 000,535,656 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9_winload.exe_75835076
[2018.01.10 20:04:10 | 000,470,704 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9_winresume.exe_85cd1215
[2009.07.14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009.07.14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015.05.14 15:50:05 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2014.07.08 22:41:53 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_78973dd1424c57be.manifest
[2015.02.03 04:16:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b.manifest
[2015.08.04 18:52:22 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_en-us_7870d3e9426a0823.manifest
[2015.10.01 18:55:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9.manifest
[2014.07.08 22:41:44 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_79160c965b7210a0.manifest
[2014.12.13 02:50:09 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_793880ba5b57e9c9.manifest
[2015.01.12 23:09:31 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_791bdedc5b6e704a.manifest
[2015.01.16 07:23:55 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_791ddf705b6ca2f8.manifest
[2015.01.27 04:33:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_79083f985b7cdada.manifest
[2015.02.03 04:36:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_790d410a5b78598d.manifest
[2015.03.17 05:50:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_793257205b5d8501.manifest
[2015.04.27 20:04:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_790516dc5b7fc217.manifest
[2015.05.25 19:11:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_78e6a7ac5b964898.manifest
[2015.07.15 04:04:54 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_en-us_7920ba565b6a1f66.manifest
[2015.07.15 18:54:31 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_7915ea6a5b723b57.manifest
[2015.07.23 01:02:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_en-us_790719565b7df1ec.manifest
[2015.08.04 18:57:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_en-us_78fd49b45b852734.manifest
[2015.09.28 21:20:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23223_en-us_791dbb5e5b6cd088.manifest
[2015.10.01 18:48:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_en-us_7920bc3c5b6a1c8d.manifest
[2015.10.20 01:51:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_en-us_78fa4abc5b87d856.manifest
[2015.12.30 20:00:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_en-us_79288d305b64b1be.manifest
[2016.01.17 01:22:02 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23334_en-us_7913eda25b7402f7.manifest
[2016.01.22 07:11:44 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_en-us_7917eeca5b706853.manifest
[2016.02.10 19:34:25 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23349_en-us_790e1f285b779d9b.manifest
[2016.03.16 19:35:36 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_en-us_78d00d3c5ba75e98.manifest
[2016.03.17 23:34:51 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_en-us_78d10d865ba677ef.manifest
[2016.04.09 08:00:21 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23418_en-us_792d90885b602d98.manifest
[2016.09.02 16:23:56 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_en-us_7918f2e05b6f7bf8.manifest
[2016.09.09 19:06:27 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23543_en-us_790821385b7cffdf.manifest
[2016.10.07 16:19:33 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23569_en-us_78f8831c5b87cfcb.manifest
[2016.10.11 16:27:06 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23572_en-us_78e6b12a5b963a5b.manifest
[2017.02.09 17:21:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23677_en-us_78ebb4825b91b635.manifest
[2017.03.08 05:29:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23714_en-us_792995125b63bfb1.manifest
[2017.04.28 01:38:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_en-us_78d516465ba2d1e7.manifest
[2017.05.12 19:08:53 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23807_en-us_793767c25b58ecec.manifest
[2017.07.07 16:16:58 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23864_en-us_78f3875c5b8c488d.manifest
[2017.08.11 07:25:37 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23889_en-us_78e2e8f65b97ff22.manifest
[2017.09.13 16:15:03 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23915_en-us_792a99285b62d356.manifest
[2018.01.01 03:04:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24000_en-us_79303fc45b5f6bf4.manifest
[2018.01.07 16:28:09 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.24009_en-us_7939425e5b575003.manifest
[2009.07.14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009.08.19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009.08.19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010.11.20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2014.08.19 04:02:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_5ced2dcdcb19ba9a.manifest
[2015.02.03 04:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015.08.04 19:12:04 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_5cfed415cb0d11f8.manifest
[2015.10.01 19:21:33 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2014.08.19 04:09:35 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_5d67fb6ae4430e20.manifest
[2014.12.12 07:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015.01.12 04:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015.01.14 07:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015.01.27 04:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015.02.03 04:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015.03.17 06:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015.04.27 20:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015.05.25 19:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015.07.15 04:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015.07.15 19:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015.07.23 01:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2015.08.04 19:18:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_5d8b49e0e4283109.manifest
[2015.09.28 21:46:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23223_none_5dabbb8ae40fda5d.manifest
[2015.10.01 19:05:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_5daebc68e40d2662.manifest
[2015.10.20 02:15:07 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23250_none_5d884ae8e42ae22b.manifest
[2015.12.30 20:23:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_5db68d5ce407bb93.manifest
[2016.01.17 01:43:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23334_none_5da1edcee4170ccc.manifest
[2016.01.22 07:39:54 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_5da5eef6e4137228.manifest
[2016.02.10 20:17:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23349_none_5d9c1f54e41aa770.manifest
[2016.03.16 20:02:45 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_5d5e0d68e44a686d.manifest
[2016.03.17 23:51:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_5d5f0db2e44981c4.manifest
[2016.04.09 08:16:41 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23418_none_5dbb90b4e403376d.manifest
[2016.09.02 16:45:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd.manifest
[2016.09.09 19:18:49 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23543_none_5d962164e42009b4.manifest
[2016.10.07 16:40:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23569_none_5d868348e42ad9a0.manifest
[2016.10.11 16:48:17 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23572_none_5d74b156e4394430.manifest
[2017.02.09 17:43:12 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23677_none_5d79b4aee434c00a.manifest
[2017.03.08 05:50:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23714_none_5db7953ee406c986.manifest
[2017.04.28 01:55:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_5d631672e445dbbc.manifest
[2017.05.12 19:30:22 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23807_none_5dc567eee3fbf6c1.manifest
[2017.07.07 16:29:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23864_none_5d818788e42f5262.manifest
[2017.08.11 07:47:12 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23889_none_5d70e922e43b08f7.manifest
[2017.09.13 16:37:34 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23915_none_5db89954e405dd2b.manifest
[2018.01.01 03:23:25 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24000_none_5dbe3ff0e40275c9.manifest
[2018.01.07 16:51:01 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.24009_none_5dc7428ae3fa59d8.manifest
[2009.07.14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2018.01.09 20:04:20 | 000,018,744 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:19:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16850_none_0aa3bde9dd0fa7ea\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.18 12:09:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17107_none_0ae0ab79dce0fb26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:53 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:12:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21010_none_0b587286f60d0b32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:42:56 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21306_none_0b6949e0f5ff7ec0\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:15:45 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17651_none_0c8b1b39da352d2d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:32:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:40:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.16 19:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.16 05:36:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21772_none_0d001876f3621e30\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.08.20 18:23:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 06:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.17 01:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 06:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 19:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.17 23:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.08 05:21:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23714_none_0d42cb02f32fdc7a\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.17 16:12:13 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23775_none_0d02ebc4f35f9d77\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.08.11 07:19:29 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23889_none_0cfc1ee6f3641beb\api-ms-win-core-libraryloader-l1-1-0.dll
[2018.01.01 02:59:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.24000_none_0d4975b4f32b88bd\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
Ako sa do hory volá, taká Katka
Re: Zpomaleny pc prosim o kontrolu
OTL Extras logfile created on: 10.2.2018 21:05:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044ECF18-C3F3-4ABE-BE3A-15E037E11C76}" = rport=137 | protocol=17 | dir=out | app=system |
"{0F8C1DCD-BC8C-4E1B-901C-92209A16E964}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{108973C9-0871-41CF-BA56-C31F7274F591}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{171B1460-0D7E-49A6-B61E-FAD2925DD90C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2980D292-4CCE-41B9-A906-8CBFBDEBB4AE}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A934BFB-57A5-45CD-8BE5-D3700FB9A6A7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2B371CEE-BBE4-4A56-84A8-CE94B58ADFAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371A3A61-4AFF-48A1-8E71-048AF6082275}" = rport=139 | protocol=6 | dir=out | app=system |
"{46C8A658-27BC-4179-AF34-3F8A221462AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{484CC30E-4690-4BD1-AE3C-060C8313C828}" = rport=445 | protocol=6 | dir=out | app=system |
"{49744DBD-0014-42E9-85E1-D116D0FC19A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56CD05F3-DE1B-4F3A-94E7-91361332C366}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F623014-7A3B-48EB-A88A-FCA6433AB5CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68B294A5-75D2-472F-AD01-7AC0631F89FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{707D2992-FC3B-4498-A164-A2E87A517D92}" = lport=139 | protocol=6 | dir=in | app=system |
"{77AB6EDD-5B93-4AFC-94F8-F683F2F10100}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D414A2D-492A-4417-8EAB-BDA243C4835F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{91F8649E-665A-41FF-A2F8-0A940544F82C}" = rport=138 | protocol=17 | dir=out | app=system |
"{921EF2CC-3A61-473A-9D9C-7A30EDA2C565}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AF7AD5-4EFB-46B9-9FF8-EA9CEDDEA8F9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.609\szbrowser.exe |
"{99FFD16B-34C3-492D-A05F-1D9F5B5064EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B094A629-9A4B-4A0F-A4DD-B61EF3B81C15}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3200CD7-84FF-4C1D-B9F9-5E2B8B44EEF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33D8F1F-ADC7-4971-8408-573ED54F92E5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{EAFC4975-8658-4BDD-BFBA-AB4233685AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF2791AC-0DB4-4F22-B217-0F3A7E0DABD7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909\szbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E6EF4E-E0B4-456E-8CC0-C2FE1899D0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EA71CA2-6629-4DDE-B040-5EDCD4BC6CEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{107CDB89-0A0B-446E-A244-72046030177F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{153585BC-9184-452A-BDD8-56340BEA75E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156CE7F9-C4C3-4C4D-9A2A-608A59297CC8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{2F0FA454-6BDC-4903-8997-80E1C3998135}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{368D53E8-C373-4B16-955C-2FEE69D80E74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A30EDAB-7B6D-4D7A-9503-D1AAE2B868A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{452E50F3-CF08-4C64-AFD7-7F66D577A2FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60EB4C70-D11E-447A-9EF0-197382728959}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61718364-5D39-44BB-8A24-CBA5A45F5F90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D9012D5-0130-4548-B7C1-4E7E51AF002B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{740D798E-C604-4999-96C1-822289DD92A4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{86F09275-5DA7-454B-8E96-D0E8E7688394}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{9E67AFBF-9240-471A-8216-0DBB3E3B499C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A061D59C-282B-4679-B302-BB9E4E2A7453}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A26F04C7-77C6-4B5D-909A-2A006757C2C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A2A2C4C4-6BF0-4DD7-9A10-0885F31E9FC3}" = dir=in | app=c:\users\dom\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BACF712C-5BC7-4849-AADF-5F979E207653}" = protocol=6 | dir=out | app=system |
"{BE65A417-0D1D-4DB3-B09D-FD90B0F6167D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{C536190F-817A-4E88-842C-89B40510C985}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E079D2B4-DEE2-444F-A96D-2975834DA47F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E19F5173-766C-4BA1-BE36-1F746C8FAC3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E62EBEC6-B336-4039-9B7C-AD1E5CEB691F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E660908F-65E8-4414-BFE8-B606A00D4FFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEBC1D49-CBA7-44EB-A6EB-EDDD2CA8A943}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F241AA6C-B58F-4AE6-A8ED-AD91D6F93631}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F75B9C9F-607D-456E-A4A0-581470F0DD81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{F67A107F-FC4D-48B6-9ABA-136D07F0C7E8}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
"UDP Query User{769646B5-338D-4A6E-933D-B6706E3A11A6}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1" = EZDownloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{497C131E-2032-051B-B32A-C69A960FBB13}" = safeweob
"{4CB05D36-1518-395D-8C39-A102343CF661}" = Microsoft .NET Framework 4.7.1
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2010
"{90140000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0424-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovenian) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0424-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovenian) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0424-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovenian) 2010
"{90140000-0100-0424-0000-0000000FF1CE}" = Microsoft Office O MUI (Slovenian) 2010
"{90140000-0101-0424-0000-0000000FF1CE}" = Microsoft Office X MUI (Slovenian) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1
"{9BC95947-92FD-438B-A168-C01F9A5B7292}" = Google Drive
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Avast Antivirus" = Avast Free Antivirus
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveSupport_is1" = LiveSupport
"Office14.OMUI.sl-si" = Microsoft Office Language Pack 2010 - Slovenian/slovenščina
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"SafeZone 4.58.2552.909" = SafeZone Stable 4.58.2552.909
"VLC media player" = VLC media player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2018 13:20:51 | Computer Name = Dom-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 28.1.2018 4:28:48 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:35:31 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:43:03 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:49:06 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 6.2.2018 14:59:52 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 7.2.2018 12:07:12 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 9.2.2018 18:24:34 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program CCleaner.exe version 3.28.0.1913 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d00 Start
Time: 01d3a1f3fa30788c Termination Time: 297 Application Path: C:\Program Files\CCleaner\CCleaner.exe
Report
Id: f7c0d164-0de7-11e8-9360-0015c5b51250
Error - 10.2.2018 9:10:32 | Computer Name = Dom-PC | Source = Application Error | ID = 1000
Description = Faulting application name: CompatTelRunner.exe, version: 10.0.17060.1019,
time stamp: 0xc6374ed7 Faulting module name: ntdll.dll, version: 6.1.7601.24000,
time stamp: 0x5a499696 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting
process id: 0x7c8 Faulting application start time: 0x01d3a26cf7b6cfa2 Faulting application
path: C:\Windows\system32\CompatTelRunner.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: c5d4687f-0e63-11e8-9360-0015c5b51250
Error - 10.2.2018 13:32:15 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program Dom.exe version 2.0.0.4 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 9cc Start Time:
01d3a293fb0da099 Termination Time: 250 Application Path: C:\Program Files\trend micro\Dom.exe
Report
Id: d6a41548-0e87-11e8-8bed-0015c5b51250
[ Media Center Events ]
Error - 23.3.2015 10:57:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:11 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 23.3.2015 10:57:16 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:15 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:35:38 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:35:38 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:51:56 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:41:07 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 24.3.2015 11:53:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 16:52:50 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 28.3.2015 9:51:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 14:51:07 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 30.3.2015 13:28:12 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:11 - Error connecting to the internet. 19:28:11 - Unable
to contact server..
Error - 30.3.2015 13:28:28 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:17 - Error connecting to the internet. 19:28:17 - Unable
to contact server..
Error - 30.3.2015 14:30:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:10 - Error connecting to the internet. 20:30:10 - Unable
to contact server..
Error - 30.3.2015 14:30:54 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:40 - Error connecting to the internet. 20:30:40 - Unable
to contact server..
[ System Events ]
Error - 9.2.2018 14:11:25 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:26 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:27 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:28 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 10.2.2018 11:51:14 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB2984976).
Error - 10.2.2018 11:51:29 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Update for Windows 7 (KB2923545).
Error - 10.2.2018 11:51:41 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3075226).
Error - 10.2.2018 11:51:50 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3020388).
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044ECF18-C3F3-4ABE-BE3A-15E037E11C76}" = rport=137 | protocol=17 | dir=out | app=system |
"{0F8C1DCD-BC8C-4E1B-901C-92209A16E964}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{108973C9-0871-41CF-BA56-C31F7274F591}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{171B1460-0D7E-49A6-B61E-FAD2925DD90C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2980D292-4CCE-41B9-A906-8CBFBDEBB4AE}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A934BFB-57A5-45CD-8BE5-D3700FB9A6A7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2B371CEE-BBE4-4A56-84A8-CE94B58ADFAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371A3A61-4AFF-48A1-8E71-048AF6082275}" = rport=139 | protocol=6 | dir=out | app=system |
"{46C8A658-27BC-4179-AF34-3F8A221462AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{484CC30E-4690-4BD1-AE3C-060C8313C828}" = rport=445 | protocol=6 | dir=out | app=system |
"{49744DBD-0014-42E9-85E1-D116D0FC19A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56CD05F3-DE1B-4F3A-94E7-91361332C366}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F623014-7A3B-48EB-A88A-FCA6433AB5CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68B294A5-75D2-472F-AD01-7AC0631F89FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{707D2992-FC3B-4498-A164-A2E87A517D92}" = lport=139 | protocol=6 | dir=in | app=system |
"{77AB6EDD-5B93-4AFC-94F8-F683F2F10100}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D414A2D-492A-4417-8EAB-BDA243C4835F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{91F8649E-665A-41FF-A2F8-0A940544F82C}" = rport=138 | protocol=17 | dir=out | app=system |
"{921EF2CC-3A61-473A-9D9C-7A30EDA2C565}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AF7AD5-4EFB-46B9-9FF8-EA9CEDDEA8F9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.609\szbrowser.exe |
"{99FFD16B-34C3-492D-A05F-1D9F5B5064EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B094A629-9A4B-4A0F-A4DD-B61EF3B81C15}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3200CD7-84FF-4C1D-B9F9-5E2B8B44EEF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33D8F1F-ADC7-4971-8408-573ED54F92E5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{EAFC4975-8658-4BDD-BFBA-AB4233685AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF2791AC-0DB4-4F22-B217-0F3A7E0DABD7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909\szbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E6EF4E-E0B4-456E-8CC0-C2FE1899D0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EA71CA2-6629-4DDE-B040-5EDCD4BC6CEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{107CDB89-0A0B-446E-A244-72046030177F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{153585BC-9184-452A-BDD8-56340BEA75E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156CE7F9-C4C3-4C4D-9A2A-608A59297CC8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{2F0FA454-6BDC-4903-8997-80E1C3998135}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{368D53E8-C373-4B16-955C-2FEE69D80E74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A30EDAB-7B6D-4D7A-9503-D1AAE2B868A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{452E50F3-CF08-4C64-AFD7-7F66D577A2FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60EB4C70-D11E-447A-9EF0-197382728959}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61718364-5D39-44BB-8A24-CBA5A45F5F90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D9012D5-0130-4548-B7C1-4E7E51AF002B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{740D798E-C604-4999-96C1-822289DD92A4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{86F09275-5DA7-454B-8E96-D0E8E7688394}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{9E67AFBF-9240-471A-8216-0DBB3E3B499C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A061D59C-282B-4679-B302-BB9E4E2A7453}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A26F04C7-77C6-4B5D-909A-2A006757C2C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A2A2C4C4-6BF0-4DD7-9A10-0885F31E9FC3}" = dir=in | app=c:\users\dom\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BACF712C-5BC7-4849-AADF-5F979E207653}" = protocol=6 | dir=out | app=system |
"{BE65A417-0D1D-4DB3-B09D-FD90B0F6167D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{C536190F-817A-4E88-842C-89B40510C985}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E079D2B4-DEE2-444F-A96D-2975834DA47F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E19F5173-766C-4BA1-BE36-1F746C8FAC3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E62EBEC6-B336-4039-9B7C-AD1E5CEB691F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E660908F-65E8-4414-BFE8-B606A00D4FFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEBC1D49-CBA7-44EB-A6EB-EDDD2CA8A943}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F241AA6C-B58F-4AE6-A8ED-AD91D6F93631}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F75B9C9F-607D-456E-A4A0-581470F0DD81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{F67A107F-FC4D-48B6-9ABA-136D07F0C7E8}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
"UDP Query User{769646B5-338D-4A6E-933D-B6706E3A11A6}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1" = EZDownloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{497C131E-2032-051B-B32A-C69A960FBB13}" = safeweob
"{4CB05D36-1518-395D-8C39-A102343CF661}" = Microsoft .NET Framework 4.7.1
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2010
"{90140000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0424-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovenian) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0424-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovenian) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0424-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovenian) 2010
"{90140000-0100-0424-0000-0000000FF1CE}" = Microsoft Office O MUI (Slovenian) 2010
"{90140000-0101-0424-0000-0000000FF1CE}" = Microsoft Office X MUI (Slovenian) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1
"{9BC95947-92FD-438B-A168-C01F9A5B7292}" = Google Drive
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Avast Antivirus" = Avast Free Antivirus
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveSupport_is1" = LiveSupport
"Office14.OMUI.sl-si" = Microsoft Office Language Pack 2010 - Slovenian/slovenščina
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"SafeZone 4.58.2552.909" = SafeZone Stable 4.58.2552.909
"VLC media player" = VLC media player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2018 13:20:51 | Computer Name = Dom-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 28.1.2018 4:28:48 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:35:31 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:43:03 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:49:06 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 6.2.2018 14:59:52 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 7.2.2018 12:07:12 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 9.2.2018 18:24:34 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program CCleaner.exe version 3.28.0.1913 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d00 Start
Time: 01d3a1f3fa30788c Termination Time: 297 Application Path: C:\Program Files\CCleaner\CCleaner.exe
Report
Id: f7c0d164-0de7-11e8-9360-0015c5b51250
Error - 10.2.2018 9:10:32 | Computer Name = Dom-PC | Source = Application Error | ID = 1000
Description = Faulting application name: CompatTelRunner.exe, version: 10.0.17060.1019,
time stamp: 0xc6374ed7 Faulting module name: ntdll.dll, version: 6.1.7601.24000,
time stamp: 0x5a499696 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting
process id: 0x7c8 Faulting application start time: 0x01d3a26cf7b6cfa2 Faulting application
path: C:\Windows\system32\CompatTelRunner.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: c5d4687f-0e63-11e8-9360-0015c5b51250
Error - 10.2.2018 13:32:15 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program Dom.exe version 2.0.0.4 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 9cc Start Time:
01d3a293fb0da099 Termination Time: 250 Application Path: C:\Program Files\trend micro\Dom.exe
Report
Id: d6a41548-0e87-11e8-8bed-0015c5b51250
[ Media Center Events ]
Error - 23.3.2015 10:57:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:11 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 23.3.2015 10:57:16 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:15 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:35:38 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:35:38 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:51:56 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:41:07 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 24.3.2015 11:53:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 16:52:50 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 28.3.2015 9:51:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 14:51:07 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 30.3.2015 13:28:12 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:11 - Error connecting to the internet. 19:28:11 - Unable
to contact server..
Error - 30.3.2015 13:28:28 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:17 - Error connecting to the internet. 19:28:17 - Unable
to contact server..
Error - 30.3.2015 14:30:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:10 - Error connecting to the internet. 20:30:10 - Unable
to contact server..
Error - 30.3.2015 14:30:54 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:40 - Error connecting to the internet. 20:30:40 - Unable
to contact server..
[ System Events ]
Error - 9.2.2018 14:11:25 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:26 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:27 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:28 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 10.2.2018 11:51:14 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB2984976).
Error - 10.2.2018 11:51:29 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Update for Windows 7 (KB2923545).
Error - 10.2.2018 11:51:41 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3075226).
Error - 10.2.2018 11:51:50 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3020388).
< End of report >
Ako sa do hory volá, taká Katka
Re: Zpomaleny pc prosim o kontrolu
OTL Extras logfile created on: 10.2.2018 21:05:18 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044ECF18-C3F3-4ABE-BE3A-15E037E11C76}" = rport=137 | protocol=17 | dir=out | app=system |
"{0F8C1DCD-BC8C-4E1B-901C-92209A16E964}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{108973C9-0871-41CF-BA56-C31F7274F591}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{171B1460-0D7E-49A6-B61E-FAD2925DD90C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2980D292-4CCE-41B9-A906-8CBFBDEBB4AE}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A934BFB-57A5-45CD-8BE5-D3700FB9A6A7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2B371CEE-BBE4-4A56-84A8-CE94B58ADFAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371A3A61-4AFF-48A1-8E71-048AF6082275}" = rport=139 | protocol=6 | dir=out | app=system |
"{46C8A658-27BC-4179-AF34-3F8A221462AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{484CC30E-4690-4BD1-AE3C-060C8313C828}" = rport=445 | protocol=6 | dir=out | app=system |
"{49744DBD-0014-42E9-85E1-D116D0FC19A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56CD05F3-DE1B-4F3A-94E7-91361332C366}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F623014-7A3B-48EB-A88A-FCA6433AB5CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68B294A5-75D2-472F-AD01-7AC0631F89FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{707D2992-FC3B-4498-A164-A2E87A517D92}" = lport=139 | protocol=6 | dir=in | app=system |
"{77AB6EDD-5B93-4AFC-94F8-F683F2F10100}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D414A2D-492A-4417-8EAB-BDA243C4835F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{91F8649E-665A-41FF-A2F8-0A940544F82C}" = rport=138 | protocol=17 | dir=out | app=system |
"{921EF2CC-3A61-473A-9D9C-7A30EDA2C565}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AF7AD5-4EFB-46B9-9FF8-EA9CEDDEA8F9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.609\szbrowser.exe |
"{99FFD16B-34C3-492D-A05F-1D9F5B5064EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B094A629-9A4B-4A0F-A4DD-B61EF3B81C15}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3200CD7-84FF-4C1D-B9F9-5E2B8B44EEF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33D8F1F-ADC7-4971-8408-573ED54F92E5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{EAFC4975-8658-4BDD-BFBA-AB4233685AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF2791AC-0DB4-4F22-B217-0F3A7E0DABD7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909\szbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E6EF4E-E0B4-456E-8CC0-C2FE1899D0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EA71CA2-6629-4DDE-B040-5EDCD4BC6CEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{107CDB89-0A0B-446E-A244-72046030177F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{153585BC-9184-452A-BDD8-56340BEA75E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156CE7F9-C4C3-4C4D-9A2A-608A59297CC8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{2F0FA454-6BDC-4903-8997-80E1C3998135}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{368D53E8-C373-4B16-955C-2FEE69D80E74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A30EDAB-7B6D-4D7A-9503-D1AAE2B868A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{452E50F3-CF08-4C64-AFD7-7F66D577A2FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60EB4C70-D11E-447A-9EF0-197382728959}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61718364-5D39-44BB-8A24-CBA5A45F5F90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D9012D5-0130-4548-B7C1-4E7E51AF002B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{740D798E-C604-4999-96C1-822289DD92A4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{86F09275-5DA7-454B-8E96-D0E8E7688394}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{9E67AFBF-9240-471A-8216-0DBB3E3B499C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A061D59C-282B-4679-B302-BB9E4E2A7453}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A26F04C7-77C6-4B5D-909A-2A006757C2C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A2A2C4C4-6BF0-4DD7-9A10-0885F31E9FC3}" = dir=in | app=c:\users\dom\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BACF712C-5BC7-4849-AADF-5F979E207653}" = protocol=6 | dir=out | app=system |
"{BE65A417-0D1D-4DB3-B09D-FD90B0F6167D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{C536190F-817A-4E88-842C-89B40510C985}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E079D2B4-DEE2-444F-A96D-2975834DA47F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E19F5173-766C-4BA1-BE36-1F746C8FAC3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E62EBEC6-B336-4039-9B7C-AD1E5CEB691F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E660908F-65E8-4414-BFE8-B606A00D4FFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEBC1D49-CBA7-44EB-A6EB-EDDD2CA8A943}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F241AA6C-B58F-4AE6-A8ED-AD91D6F93631}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F75B9C9F-607D-456E-A4A0-581470F0DD81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{F67A107F-FC4D-48B6-9ABA-136D07F0C7E8}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
"UDP Query User{769646B5-338D-4A6E-933D-B6706E3A11A6}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1" = EZDownloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{497C131E-2032-051B-B32A-C69A960FBB13}" = safeweob
"{4CB05D36-1518-395D-8C39-A102343CF661}" = Microsoft .NET Framework 4.7.1
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2010
"{90140000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0424-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovenian) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0424-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovenian) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0424-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovenian) 2010
"{90140000-0100-0424-0000-0000000FF1CE}" = Microsoft Office O MUI (Slovenian) 2010
"{90140000-0101-0424-0000-0000000FF1CE}" = Microsoft Office X MUI (Slovenian) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1
"{9BC95947-92FD-438B-A168-C01F9A5B7292}" = Google Drive
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Avast Antivirus" = Avast Free Antivirus
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveSupport_is1" = LiveSupport
"Office14.OMUI.sl-si" = Microsoft Office Language Pack 2010 - Slovenian/slovenščina
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"SafeZone 4.58.2552.909" = SafeZone Stable 4.58.2552.909
"VLC media player" = VLC media player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2018 13:20:51 | Computer Name = Dom-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 28.1.2018 4:28:48 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:35:31 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:43:03 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:49:06 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 6.2.2018 14:59:52 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 7.2.2018 12:07:12 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 9.2.2018 18:24:34 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program CCleaner.exe version 3.28.0.1913 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d00 Start
Time: 01d3a1f3fa30788c Termination Time: 297 Application Path: C:\Program Files\CCleaner\CCleaner.exe
Report
Id: f7c0d164-0de7-11e8-9360-0015c5b51250
Error - 10.2.2018 9:10:32 | Computer Name = Dom-PC | Source = Application Error | ID = 1000
Description = Faulting application name: CompatTelRunner.exe, version: 10.0.17060.1019,
time stamp: 0xc6374ed7 Faulting module name: ntdll.dll, version: 6.1.7601.24000,
time stamp: 0x5a499696 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting
process id: 0x7c8 Faulting application start time: 0x01d3a26cf7b6cfa2 Faulting application
path: C:\Windows\system32\CompatTelRunner.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: c5d4687f-0e63-11e8-9360-0015c5b51250
Error - 10.2.2018 13:32:15 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program Dom.exe version 2.0.0.4 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 9cc Start Time:
01d3a293fb0da099 Termination Time: 250 Application Path: C:\Program Files\trend micro\Dom.exe
Report
Id: d6a41548-0e87-11e8-8bed-0015c5b51250
[ Media Center Events ]
Error - 23.3.2015 10:57:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:11 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 23.3.2015 10:57:16 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:15 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:35:38 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:35:38 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:51:56 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:41:07 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 24.3.2015 11:53:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 16:52:50 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 28.3.2015 9:51:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 14:51:07 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 30.3.2015 13:28:12 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:11 - Error connecting to the internet. 19:28:11 - Unable
to contact server..
Error - 30.3.2015 13:28:28 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:17 - Error connecting to the internet. 19:28:17 - Unable
to contact server..
Error - 30.3.2015 14:30:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:10 - Error connecting to the internet. 20:30:10 - Unable
to contact server..
Error - 30.3.2015 14:30:54 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:40 - Error connecting to the internet. 20:30:40 - Unable
to contact server..
[ System Events ]
Error - 9.2.2018 14:11:25 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:26 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:27 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:28 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 10.2.2018 11:51:14 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB2984976).
Error - 10.2.2018 11:51:29 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Update for Windows 7 (KB2923545).
Error - 10.2.2018 11:51:41 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3075226).
Error - 10.2.2018 11:51:50 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3020388).
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dom\Favorites\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18893)
Locale: 00000424 | Country: Slovenija | Language: SLV | Date Format: d.M.yyyy
1014,12 Mb Total Physical Memory | 132,87 Mb Available Physical Memory | 13,10% Memory free
1,99 Gb Paging File | 1,02 Gb Available in Paging File | 51,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55,79 Gb Total Space | 22,42 Gb Free Space | 40,19% Space Free | Partition Type: NTFS
Computer Name: DOM-PC | User Name: Dom | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3098442832-3355709873-3718529349-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044ECF18-C3F3-4ABE-BE3A-15E037E11C76}" = rport=137 | protocol=17 | dir=out | app=system |
"{0F8C1DCD-BC8C-4E1B-901C-92209A16E964}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{108973C9-0871-41CF-BA56-C31F7274F591}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{171B1460-0D7E-49A6-B61E-FAD2925DD90C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2980D292-4CCE-41B9-A906-8CBFBDEBB4AE}" = lport=137 | protocol=17 | dir=in | app=system |
"{2A934BFB-57A5-45CD-8BE5-D3700FB9A6A7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{2B371CEE-BBE4-4A56-84A8-CE94B58ADFAC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{371A3A61-4AFF-48A1-8E71-048AF6082275}" = rport=139 | protocol=6 | dir=out | app=system |
"{46C8A658-27BC-4179-AF34-3F8A221462AE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{484CC30E-4690-4BD1-AE3C-060C8313C828}" = rport=445 | protocol=6 | dir=out | app=system |
"{49744DBD-0014-42E9-85E1-D116D0FC19A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56CD05F3-DE1B-4F3A-94E7-91361332C366}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F623014-7A3B-48EB-A88A-FCA6433AB5CF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{68B294A5-75D2-472F-AD01-7AC0631F89FE}" = lport=445 | protocol=6 | dir=in | app=system |
"{707D2992-FC3B-4498-A164-A2E87A517D92}" = lport=139 | protocol=6 | dir=in | app=system |
"{77AB6EDD-5B93-4AFC-94F8-F683F2F10100}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8D414A2D-492A-4417-8EAB-BDA243C4835F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{91F8649E-665A-41FF-A2F8-0A940544F82C}" = rport=138 | protocol=17 | dir=out | app=system |
"{921EF2CC-3A61-473A-9D9C-7A30EDA2C565}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{92AF7AD5-4EFB-46B9-9FF8-EA9CEDDEA8F9}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.609\szbrowser.exe |
"{99FFD16B-34C3-492D-A05F-1D9F5B5064EE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{B094A629-9A4B-4A0F-A4DD-B61EF3B81C15}" = lport=138 | protocol=17 | dir=in | app=system |
"{D3200CD7-84FF-4C1D-B9F9-5E2B8B44EEF4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D33D8F1F-ADC7-4971-8408-573ED54F92E5}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{EAFC4975-8658-4BDD-BFBA-AB4233685AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF2791AC-0DB4-4F22-B217-0F3A7E0DABD7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909\szbrowser.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E6EF4E-E0B4-456E-8CC0-C2FE1899D0D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{0EA71CA2-6629-4DDE-B040-5EDCD4BC6CEC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{107CDB89-0A0B-446E-A244-72046030177F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{153585BC-9184-452A-BDD8-56340BEA75E6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{156CE7F9-C4C3-4C4D-9A2A-608A59297CC8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{2F0FA454-6BDC-4903-8997-80E1C3998135}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{368D53E8-C373-4B16-955C-2FEE69D80E74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A30EDAB-7B6D-4D7A-9503-D1AAE2B868A5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{452E50F3-CF08-4C64-AFD7-7F66D577A2FD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60EB4C70-D11E-447A-9EF0-197382728959}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{61718364-5D39-44BB-8A24-CBA5A45F5F90}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6D9012D5-0130-4548-B7C1-4E7E51AF002B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{740D798E-C604-4999-96C1-822289DD92A4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{86F09275-5DA7-454B-8E96-D0E8E7688394}" = protocol=6 | dir=in | app=c:\program files\teamviewer\teamviewer_service.exe |
"{9E67AFBF-9240-471A-8216-0DBB3E3B499C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{A061D59C-282B-4679-B302-BB9E4E2A7453}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A26F04C7-77C6-4B5D-909A-2A006757C2C5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A2A2C4C4-6BF0-4DD7-9A10-0885F31E9FC3}" = dir=in | app=c:\users\dom\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{BACF712C-5BC7-4849-AADF-5F979E207653}" = protocol=6 | dir=out | app=system |
"{BE65A417-0D1D-4DB3-B09D-FD90B0F6167D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\teamviewer.exe |
"{C536190F-817A-4E88-842C-89B40510C985}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E079D2B4-DEE2-444F-A96D-2975834DA47F}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E19F5173-766C-4BA1-BE36-1F746C8FAC3B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E62EBEC6-B336-4039-9B7C-AD1E5CEB691F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E660908F-65E8-4414-BFE8-B606A00D4FFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEBC1D49-CBA7-44EB-A6EB-EDDD2CA8A943}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F241AA6C-B58F-4AE6-A8ED-AD91D6F93631}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{F75B9C9F-607D-456E-A4A0-581470F0DD81}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{F67A107F-FC4D-48B6-9ABA-136D07F0C7E8}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=6 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
"UDP Query User{769646B5-338D-4A6E-933D-B6706E3A11A6}D:\easysetupassistant\wr941n\easysetupassistant.exe" = protocol=17 | dir=in | app=d:\easysetupassistant\wr941n\easysetupassistant.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1" = EZDownloader
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{497C131E-2032-051B-B32A-C69A960FBB13}" = safeweob
"{4CB05D36-1518-395D-8C39-A102343CF661}" = Microsoft .NET Framework 4.7.1
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0424-0000-0000000FF1CE}" = Microsoft Office Access MUI (Slovenian) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0424-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Slovenian) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0424-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Slovenian) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0424-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Slovenian) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0424-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Slovenian) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0424-0000-0000000FF1CE}" = Microsoft Office Word MUI (Slovenian) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-041A-0000-0000000FF1CE}" = Microsoft Office Proof (Croatian) 2010
"{90140000-001F-0424-0000-0000000FF1CE}" = Microsoft Office Proof (Slovenian) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0424-0000-0000000FF1CE}" = Microsoft Office Proofing (Slovenian) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0424-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Slovenian) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0424-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Slovenian) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0424-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Slovenian) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0424-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Slovenian) 2010
"{90140000-0100-0424-0000-0000000FF1CE}" = Microsoft Office O MUI (Slovenian) 2010
"{90140000-0101-0424-0000-0000000FF1CE}" = Microsoft Office X MUI (Slovenian) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.7.1
"{9BC95947-92FD-438B-A168-C01F9A5B7292}" = Google Drive
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Avast Antivirus" = Avast Free Antivirus
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LiveSupport_is1" = LiveSupport
"Office14.OMUI.sl-si" = Microsoft Office Language Pack 2010 - Slovenian/slovenščina
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Optimizer Pro_is1" = Optimizer Pro v3.2
"SafeZone 4.58.2552.909" = SafeZone Stable 4.58.2552.909
"VLC media player" = VLC media player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.1.2018 13:20:51 | Computer Name = Dom-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 28.1.2018 4:28:48 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:35:31 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:43:03 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 28.1.2018 5:49:06 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 6.2.2018 14:59:52 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 7.2.2018 12:07:12 | Computer Name = Dom-PC | Source = Google Update | ID = 20
Description =
Error - 9.2.2018 18:24:34 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program CCleaner.exe version 3.28.0.1913 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: d00 Start
Time: 01d3a1f3fa30788c Termination Time: 297 Application Path: C:\Program Files\CCleaner\CCleaner.exe
Report
Id: f7c0d164-0de7-11e8-9360-0015c5b51250
Error - 10.2.2018 9:10:32 | Computer Name = Dom-PC | Source = Application Error | ID = 1000
Description = Faulting application name: CompatTelRunner.exe, version: 10.0.17060.1019,
time stamp: 0xc6374ed7 Faulting module name: ntdll.dll, version: 6.1.7601.24000,
time stamp: 0x5a499696 Exception code: 0xc0000374 Fault offset: 0x000c3b93 Faulting
process id: 0x7c8 Faulting application start time: 0x01d3a26cf7b6cfa2 Faulting application
path: C:\Windows\system32\CompatTelRunner.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report
Id: c5d4687f-0e63-11e8-9360-0015c5b51250
Error - 10.2.2018 13:32:15 | Computer Name = Dom-PC | Source = Application Hang | ID = 1002
Description = The program Dom.exe version 2.0.0.4 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 9cc Start Time:
01d3a293fb0da099 Termination Time: 250 Application Path: C:\Program Files\trend micro\Dom.exe
Report
Id: d6a41548-0e87-11e8-8bed-0015c5b51250
[ Media Center Events ]
Error - 23.3.2015 10:57:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:11 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 23.3.2015 10:57:16 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:57:15 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:35:38 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:35:38 - Failed to retrieve Directory (Error: Unable to connect
to the remote server)
Error - 24.3.2015 10:51:56 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 15:41:07 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 24.3.2015 11:53:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 16:52:50 - Failed to retrieve Broadband (Error: Unable to connect
to the remote server)
Error - 28.3.2015 9:51:07 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 14:51:07 - Failed to retrieve MCESpotlight (Error: Unable to connect
to the remote server)
Error - 30.3.2015 13:28:12 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:11 - Error connecting to the internet. 19:28:11 - Unable
to contact server..
Error - 30.3.2015 13:28:28 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 19:28:17 - Error connecting to the internet. 19:28:17 - Unable
to contact server..
Error - 30.3.2015 14:30:11 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:10 - Error connecting to the internet. 20:30:10 - Unable
to contact server..
Error - 30.3.2015 14:30:54 | Computer Name = Dom-PC | Source = MCUpdate | ID = 0
Description = 20:30:40 - Error connecting to the internet. 20:30:40 - Unable
to contact server..
[ System Events ]
Error - 9.2.2018 14:11:25 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:26 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:27 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:28 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort1.
Error - 9.2.2018 14:11:29 | Computer Name = Dom-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.
Error - 10.2.2018 11:51:14 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB2984976).
Error - 10.2.2018 11:51:29 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Update for Windows 7 (KB2923545).
Error - 10.2.2018 11:51:41 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3075226).
Error - 10.2.2018 11:51:50 | Computer Name = Dom-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070308: Security Update for Windows 7 (KB3020388).
< End of report >
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Je to v pořádku. Spusťte nyní tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomaleny pc prosim o kontrolu
hotovo. tu je log:
# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Ultimate (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Deleted: C:\Program Files\LiveSupport
Deleted: C:\Users\Administrator\AppData\Local\torch
Deleted: C:\Users\Dom\AppData\Local\torch
Deleted: C:\Users\Guest\AppData\Local\torch
Deleted: C:\Users\HomeGroupUser$\AppData\Local\torch
Deleted: C:\ProgramData\AskPartnerNetwork
Deleted: C:\ProgramData\Application Data\AskPartnerNetwork
Deleted: C:\Program Files\AskPartnerNetwork
Deleted: C:\Users\All Users\AskPartnerNetwork
Deleted: C:\Users\Dom\AppData\Local\AskPartnerNetwork
Deleted: C:\Users\Dom\AppData\LocalLow\Conduit
Deleted: C:\ProgramData\apn
Deleted: C:\ProgramData\Application Data\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Dom\AppData\Roaming\EZDownloader
Deleted: C:\Users\Dom\AppData\Roaming\OpenCandy
Deleted: C:\Users\Dom\AppData\Roaming\Systweak
Deleted: C:\Program Files\Optimizer Pro
Deleted: C:\ProgramData\2ef7ffdf5ad4c68e
***** [ Files ] *****
Deleted: C:\Users\Dom\AppData\Roaming\LiveSupport.exe_log.txt
Deleted: C:\Users\Dom\AppData\Roaming\regsvr32.exe_log.txt
Deleted: C:\Windows\System32\roboot.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Optimizer Pro
Deleted: [Key] - HKCU\Software\Optimizer Pro
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\LiveSupport
Deleted: [Key] - HKCU\Software\LiveSupport
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted: [Key] - HKLM\SOFTWARE\AskPartnerNetwork
Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted: [Key] - HKCU\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\systweak
Deleted: [Key] - HKU\.DEFAULT\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-18\Software\Auslogics
Deleted: [Key] - HKCU\Software\Auslogics
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8743 B] - [2018/2/11 12:21:47]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Upda# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 11 12:23:42 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Ultimate (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LiveSupport
Deleted: C:\Program Files\LiveSupport
Deleted: C:\Users\Administrator\AppData\Local\torch
Deleted: C:\Users\Dom\AppData\Local\torch
Deleted: C:\Users\Guest\AppData\Local\torch
Deleted: C:\Users\HomeGroupUser$\AppData\Local\torch
Deleted: C:\ProgramData\AskPartnerNetwork
Deleted: C:\ProgramData\Application Data\AskPartnerNetwork
Deleted: C:\Program Files\AskPartnerNetwork
Deleted: C:\Users\All Users\AskPartnerNetwork
Deleted: C:\Users\Dom\AppData\Local\AskPartnerNetwork
Deleted: C:\Users\Dom\AppData\LocalLow\Conduit
Deleted: C:\ProgramData\apn
Deleted: C:\ProgramData\Application Data\apn
Deleted: C:\Users\All Users\apn
Deleted: C:\Users\Dom\AppData\Roaming\EZDownloader
Deleted: C:\Users\Dom\AppData\Roaming\OpenCandy
Deleted: C:\Users\Dom\AppData\Roaming\Systweak
Deleted: C:\Program Files\Optimizer Pro
Deleted: C:\ProgramData\2ef7ffdf5ad4c68e
***** [ Files ] *****
Deleted: C:\Users\Dom\AppData\Roaming\LiveSupport.exe_log.txt
Deleted: C:\Users\Dom\AppData\Roaming\regsvr32.exe_log.txt
Deleted: C:\Windows\System32\roboot.exe
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Optimizer Pro
Deleted: [Key] - HKCU\Software\Optimizer Pro
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\LiveSupport_is1
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\LiveSupport
Deleted: [Key] - HKCU\Software\LiveSupport
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
Deleted: [Key] - HKLM\SOFTWARE\AskPartnerNetwork
Deleted: [Key] - HKU\.DEFAULT\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-18\Software\AskPartnerNetwork
Deleted: [Key] - HKCU\Software\AskPartnerNetwork
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Softonic
Deleted: [Key] - HKCU\Software\Softonic
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\systweak
Deleted: [Key] - HKU\.DEFAULT\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-21-3098442832-3355709873-3718529349-1000\Software\Auslogics
Deleted: [Key] - HKU\S-1-5-18\Software\Auslogics
Deleted: [Key] - HKCU\Software\Auslogics
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [8743 B] - [2018/2/11 12:21:47]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomaleny pc prosim o kontrolu
hotovo
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dom at 2018-02-11 19:30:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (41%) free of 57 GB
Total RAM: 1014 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:54, on 11.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dom\Favorites\Downloads\RSIT.exe
C:\Program Files\trend micro\Dom.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Storitev Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Storitev Posodobitve za Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5175 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-09 246120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Dom\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-11 13:28:48 ----D---- C:\ProgramData\SWCUTemp
2018-02-11 13:15:23 ----D---- C:\AdwCleaner
2018-02-10 18:32:42 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-02-10 18:32:33 ----A---- C:\Windows\system32\mstscax.dll
2018-02-10 18:32:28 ----A---- C:\Windows\system32\wksprt.exe
2018-02-10 18:32:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-02-10 18:32:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-02-10 18:24:05 ----D---- C:\Program Files\trend micro
2018-02-10 18:23:55 ----D---- C:\rsit
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpudd.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpcorets.dll
2018-02-09 22:31:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-02-09 22:31:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-02-09 22:28:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-02-09 22:28:35 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-09 22:28:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-02-09 22:28:26 ----A---- C:\Windows\system32\wksprtPS.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-02-09 22:28:20 ----A---- C:\Windows\system32\mstsc.exe
2018-02-09 22:04:22 ----A---- C:\Windows\system32\appraiser.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\generaltel.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\aeinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\devinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\centel.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\acmigration.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\invagent.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aitstatic.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aepic.dll
2018-02-09 16:36:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-02-09 16:36:35 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-02-09 16:36:34 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-02-05 21:40:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-02-02 17:21:49 ----A---- C:\Windows\system32\drivers\staport.sys
2018-02-02 17:17:52 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2018-02-11 19:33:42 ----D---- C:\Windows\Temp
2018-02-11 19:28:34 ----D---- C:\Windows\Prefetch
2018-02-11 17:22:43 ----D---- C:\Windows\system32\config
2018-02-11 17:21:57 ----D---- C:\Windows\rescache
2018-02-11 13:28:48 ----HD---- C:\ProgramData
2018-02-11 13:23:22 ----D---- C:\Windows\System32
2018-02-11 13:23:21 ----RD---- C:\Program Files
2018-02-11 13:00:39 ----D---- C:\Windows\winsxs
2018-02-11 12:59:52 ----D---- C:\Windows\system32\en-US
2018-02-11 12:57:40 ----SHD---- C:\System Volume Information
2018-02-11 12:56:15 ----D---- C:\Windows\tracing
2018-02-09 22:43:13 ----D---- C:\Windows\system32\appraiser
2018-02-09 22:43:12 ----D---- C:\Windows\system32\drivers
2018-02-09 22:43:12 ----D---- C:\Windows\PolicyDefinitions
2018-02-09 22:43:11 ----D---- C:\Windows\system32\wbem
2018-02-09 22:43:11 ----D---- C:\Windows\system32\drivers\en-US
2018-02-09 22:43:07 ----RSD---- C:\Windows\Fonts
2018-02-09 22:43:05 ----D---- C:\Windows\system32\DriverStore
2018-02-09 22:42:50 ----D---- C:\Windows\inf
2018-02-09 22:38:06 ----D---- C:\Windows\system32\catroot2
2018-02-09 21:45:47 ----D---- C:\Windows\system32\NDF
2018-02-09 17:07:57 ----D---- C:\Windows\system32\wfp
2018-02-09 17:07:53 ----D---- C:\Windows
2018-02-09 17:06:46 ----D---- C:\Windows\system32\Boot
2018-02-09 17:06:38 ----D---- C:\Windows\registration
2018-02-08 21:18:19 ----SHD---- C:\Windows\Installer
2018-02-02 22:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-02 17:21:31 ----D---- C:\Windows\system32\Tasks
2018-02-02 17:15:02 ----D---- C:\Windows\Tasks
2018-02-02 17:13:58 ----D---- C:\Windows\system32\drivers\etc
2018-01-28 11:22:36 ----D---- C:\Windows\Microsoft.NET
2018-01-28 10:18:13 ----SHD---- C:\Config.Msi
2018-01-23 19:02:26 ----D---- C:\Windows\debug
2018-01-12 18:34:10 ----RSD---- C:\Windows\assembly
2018-01-12 18:21:15 ----D---- C:\Windows\system32\MRT
2018-01-12 18:13:29 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-12 18:12:37 ----AC---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-09 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-09 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-09 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-09 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-09 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-09 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-09 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-09 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-20 39752]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-09 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-09 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-09 151328]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-09 42824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 37064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-09 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-09 5906816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Storitev Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-26 1045256]
S3 gupdatem;Storitev Posodobitve za Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dom at 2018-02-11 19:30:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 23 GB (41%) free of 57 GB
Total RAM: 1014 MB (10% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:54, on 11.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dom\Favorites\Downloads\RSIT.exe
C:\Program Files\trend micro\Dom.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Storitev Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Storitev Posodobitve za Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5175 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-09 246120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Dom\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-11 13:28:48 ----D---- C:\ProgramData\SWCUTemp
2018-02-11 13:15:23 ----D---- C:\AdwCleaner
2018-02-10 18:32:42 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-02-10 18:32:33 ----A---- C:\Windows\system32\mstscax.dll
2018-02-10 18:32:28 ----A---- C:\Windows\system32\wksprt.exe
2018-02-10 18:32:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-02-10 18:32:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-02-10 18:24:05 ----D---- C:\Program Files\trend micro
2018-02-10 18:23:55 ----D---- C:\rsit
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpudd.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpcorets.dll
2018-02-09 22:31:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-02-09 22:31:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-02-09 22:28:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-02-09 22:28:35 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-09 22:28:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-02-09 22:28:26 ----A---- C:\Windows\system32\wksprtPS.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-02-09 22:28:20 ----A---- C:\Windows\system32\mstsc.exe
2018-02-09 22:04:22 ----A---- C:\Windows\system32\appraiser.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\generaltel.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\aeinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\devinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\centel.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\acmigration.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\invagent.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aitstatic.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aepic.dll
2018-02-09 16:36:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-02-09 16:36:35 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-02-09 16:36:34 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-02-05 21:40:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-02-02 17:21:49 ----A---- C:\Windows\system32\drivers\staport.sys
2018-02-02 17:17:52 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2018-02-11 19:33:42 ----D---- C:\Windows\Temp
2018-02-11 19:28:34 ----D---- C:\Windows\Prefetch
2018-02-11 17:22:43 ----D---- C:\Windows\system32\config
2018-02-11 17:21:57 ----D---- C:\Windows\rescache
2018-02-11 13:28:48 ----HD---- C:\ProgramData
2018-02-11 13:23:22 ----D---- C:\Windows\System32
2018-02-11 13:23:21 ----RD---- C:\Program Files
2018-02-11 13:00:39 ----D---- C:\Windows\winsxs
2018-02-11 12:59:52 ----D---- C:\Windows\system32\en-US
2018-02-11 12:57:40 ----SHD---- C:\System Volume Information
2018-02-11 12:56:15 ----D---- C:\Windows\tracing
2018-02-09 22:43:13 ----D---- C:\Windows\system32\appraiser
2018-02-09 22:43:12 ----D---- C:\Windows\system32\drivers
2018-02-09 22:43:12 ----D---- C:\Windows\PolicyDefinitions
2018-02-09 22:43:11 ----D---- C:\Windows\system32\wbem
2018-02-09 22:43:11 ----D---- C:\Windows\system32\drivers\en-US
2018-02-09 22:43:07 ----RSD---- C:\Windows\Fonts
2018-02-09 22:43:05 ----D---- C:\Windows\system32\DriverStore
2018-02-09 22:42:50 ----D---- C:\Windows\inf
2018-02-09 22:38:06 ----D---- C:\Windows\system32\catroot2
2018-02-09 21:45:47 ----D---- C:\Windows\system32\NDF
2018-02-09 17:07:57 ----D---- C:\Windows\system32\wfp
2018-02-09 17:07:53 ----D---- C:\Windows
2018-02-09 17:06:46 ----D---- C:\Windows\system32\Boot
2018-02-09 17:06:38 ----D---- C:\Windows\registration
2018-02-08 21:18:19 ----SHD---- C:\Windows\Installer
2018-02-02 22:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-02 17:21:31 ----D---- C:\Windows\system32\Tasks
2018-02-02 17:15:02 ----D---- C:\Windows\Tasks
2018-02-02 17:13:58 ----D---- C:\Windows\system32\drivers\etc
2018-01-28 11:22:36 ----D---- C:\Windows\Microsoft.NET
2018-01-28 10:18:13 ----SHD---- C:\Config.Msi
2018-01-23 19:02:26 ----D---- C:\Windows\debug
2018-01-12 18:34:10 ----RSD---- C:\Windows\assembly
2018-01-12 18:21:15 ----D---- C:\Windows\system32\MRT
2018-01-12 18:13:29 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-01-12 18:12:37 ----AC---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-09 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-09 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-09 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-09 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-09 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-09 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-09 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-09 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-20 39752]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-09 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-09 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-09 151328]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-09 42824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 37064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-09 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-09 5906816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Storitev Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-26 1045256]
S3 gupdatem;Storitev Posodobitve za Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.:files
C:\Program Files\Google\Google Toolbar
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zpomaleny pc prosim o kontrolu
hotovo, tu je log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dom at 2018-02-12 14:15:53
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 24 GB (41%) free of 57 GB
Total RAM: 1014 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:47, on 12.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\notepad.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dom\Favorites\Downloads\RSIT.exe
C:\Program Files\trend micro\Dom.exe
C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Storitev Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Storitev Posodobitve za Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5018 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-09 246120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Dom\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-12 14:10:43 ----D---- C:\ProgramData\SWCUTemp
2018-02-12 14:07:46 ----D---- C:\_OTM
2018-02-11 13:15:23 ----D---- C:\AdwCleaner
2018-02-10 18:32:42 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-02-10 18:32:33 ----A---- C:\Windows\system32\mstscax.dll
2018-02-10 18:32:28 ----A---- C:\Windows\system32\wksprt.exe
2018-02-10 18:32:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-02-10 18:32:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-02-10 18:24:05 ----D---- C:\Program Files\trend micro
2018-02-10 18:23:55 ----D---- C:\rsit
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpudd.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpcorets.dll
2018-02-09 22:31:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-02-09 22:31:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-02-09 22:28:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-02-09 22:28:35 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-09 22:28:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-02-09 22:28:26 ----A---- C:\Windows\system32\wksprtPS.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-02-09 22:28:20 ----A---- C:\Windows\system32\mstsc.exe
2018-02-09 22:04:22 ----A---- C:\Windows\system32\appraiser.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\generaltel.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\aeinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\devinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\centel.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\acmigration.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\invagent.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aitstatic.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aepic.dll
2018-02-09 16:36:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-02-09 16:36:35 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-02-09 16:36:34 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-02-05 21:40:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-02-02 17:21:49 ----A---- C:\Windows\system32\drivers\staport.sys
2018-02-02 17:17:52 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2018-02-12 14:14:20 ----D---- C:\Windows\system32\config
2018-02-12 14:13:17 ----D---- C:\Windows\Temp
2018-02-12 14:10:43 ----HD---- C:\ProgramData
2018-02-12 14:09:56 ----D---- C:\Windows
2018-02-12 14:08:04 ----D---- C:\Windows\system32\drivers
2018-02-12 14:07:50 ----D---- C:\Program Files\Google
2018-02-12 14:06:45 ----D---- C:\Windows\Prefetch
2018-02-11 17:21:57 ----D---- C:\Windows\rescache
2018-02-11 13:23:22 ----D---- C:\Windows\System32
2018-02-11 13:23:21 ----RD---- C:\Program Files
2018-02-11 13:00:39 ----D---- C:\Windows\winsxs
2018-02-11 12:59:52 ----D---- C:\Windows\system32\en-US
2018-02-11 12:57:40 ----SHD---- C:\System Volume Information
2018-02-11 12:56:15 ----D---- C:\Windows\tracing
2018-02-09 22:43:13 ----D---- C:\Windows\system32\appraiser
2018-02-09 22:43:12 ----D---- C:\Windows\PolicyDefinitions
2018-02-09 22:43:11 ----D---- C:\Windows\system32\wbem
2018-02-09 22:43:11 ----D---- C:\Windows\system32\drivers\en-US
2018-02-09 22:43:07 ----RSD---- C:\Windows\Fonts
2018-02-09 22:43:05 ----D---- C:\Windows\system32\DriverStore
2018-02-09 22:42:50 ----D---- C:\Windows\inf
2018-02-09 22:38:06 ----D---- C:\Windows\system32\catroot2
2018-02-09 21:45:47 ----D---- C:\Windows\system32\NDF
2018-02-09 17:07:57 ----D---- C:\Windows\system32\wfp
2018-02-09 17:06:46 ----D---- C:\Windows\system32\Boot
2018-02-09 17:06:38 ----D---- C:\Windows\registration
2018-02-08 21:18:19 ----SHD---- C:\Windows\Installer
2018-02-02 22:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-02 17:21:31 ----D---- C:\Windows\system32\Tasks
2018-02-02 17:15:02 ----D---- C:\Windows\Tasks
2018-02-02 17:13:58 ----D---- C:\Windows\system32\drivers\etc
2018-01-28 11:22:36 ----D---- C:\Windows\Microsoft.NET
2018-01-28 10:18:13 ----SHD---- C:\Config.Msi
2018-01-23 19:02:26 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-09 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-09 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-09 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-09 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-09 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-09 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-09 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-09 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-20 39752]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-09 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-09 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-09 151328]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-09 42824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 37064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-09 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-09 5906816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Storitev Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-26 1045256]
S3 gupdatem;Storitev Posodobitve za Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dom at 2018-02-12 14:15:53
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 24 GB (41%) free of 57 GB
Total RAM: 1014 MB (7% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:18:47, on 12.2.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18894)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Windows\notepad.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Dom\Favorites\Downloads\RSIT.exe
C:\Program Files\trend micro\Dom.exe
C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Pošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: P&ošlji v OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Povezani &zapiski OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - http://javadl-esd.sun.com/update/1.4.1/ ... s-i586.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Storitev Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Storitev Posodobitve za Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 5018 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000Core.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3098442832-3355709873-3718529349-1000UA.job - C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-01-09 820672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-01-16 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-01-21 91520]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-01-09 246120]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc]
C:\Users\Dom\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-12 144008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Dom\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Optimizer Pro]
C:\Program Files\Optimizer Pro\OptProLauncher.exe []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-01-21 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2018-02-12 14:10:43 ----D---- C:\ProgramData\SWCUTemp
2018-02-12 14:07:46 ----D---- C:\_OTM
2018-02-11 13:15:23 ----D---- C:\AdwCleaner
2018-02-10 18:32:42 ----A---- C:\Windows\system32\TSWbPrxy.exe
2018-02-10 18:32:33 ----A---- C:\Windows\system32\mstscax.dll
2018-02-10 18:32:28 ----A---- C:\Windows\system32\wksprt.exe
2018-02-10 18:32:27 ----A---- C:\Windows\system32\rdvidcrl.dll
2018-02-10 18:32:26 ----A---- C:\Windows\system32\tsgqec.dll
2018-02-10 18:24:05 ----D---- C:\Program Files\trend micro
2018-02-10 18:23:55 ----D---- C:\rsit
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpudd.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2018-02-10 14:04:59 ----A---- C:\Windows\system32\rdpcorets.dll
2018-02-09 22:31:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2018-02-09 22:31:21 ----A---- C:\Windows\system32\rdpendp_winip.dll
2018-02-09 22:28:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2018-02-09 22:28:35 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2018-02-09 22:28:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2018-02-09 22:28:26 ----A---- C:\Windows\system32\wksprtPS.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2018-02-09 22:28:26 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2018-02-09 22:28:20 ----A---- C:\Windows\system32\mstsc.exe
2018-02-09 22:04:22 ----A---- C:\Windows\system32\appraiser.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\generaltel.dll
2018-02-09 22:04:21 ----A---- C:\Windows\system32\aeinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\devinv.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\centel.dll
2018-02-09 22:04:20 ----A---- C:\Windows\system32\acmigration.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\invagent.dll
2018-02-09 22:04:19 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aitstatic.exe
2018-02-09 22:04:19 ----A---- C:\Windows\system32\aepic.dll
2018-02-09 16:36:36 ----A---- C:\Windows\system32\KBDAZEL.DLL
2018-02-09 16:36:35 ----A---- C:\Windows\system32\kbdgeoqw.dll
2018-02-09 16:36:34 ----A---- C:\Windows\system32\KBDAZE.DLL
2018-02-05 21:40:22 ----A---- C:\Windows\system32\FNTCACHE.DAT
2018-02-02 17:21:49 ----A---- C:\Windows\system32\drivers\staport.sys
2018-02-02 17:17:52 ----A---- C:\Windows\system32\aswBoot.exe
======List of files/folders modified in the last 1 month======
2018-02-12 14:14:20 ----D---- C:\Windows\system32\config
2018-02-12 14:13:17 ----D---- C:\Windows\Temp
2018-02-12 14:10:43 ----HD---- C:\ProgramData
2018-02-12 14:09:56 ----D---- C:\Windows
2018-02-12 14:08:04 ----D---- C:\Windows\system32\drivers
2018-02-12 14:07:50 ----D---- C:\Program Files\Google
2018-02-12 14:06:45 ----D---- C:\Windows\Prefetch
2018-02-11 17:21:57 ----D---- C:\Windows\rescache
2018-02-11 13:23:22 ----D---- C:\Windows\System32
2018-02-11 13:23:21 ----RD---- C:\Program Files
2018-02-11 13:00:39 ----D---- C:\Windows\winsxs
2018-02-11 12:59:52 ----D---- C:\Windows\system32\en-US
2018-02-11 12:57:40 ----SHD---- C:\System Volume Information
2018-02-11 12:56:15 ----D---- C:\Windows\tracing
2018-02-09 22:43:13 ----D---- C:\Windows\system32\appraiser
2018-02-09 22:43:12 ----D---- C:\Windows\PolicyDefinitions
2018-02-09 22:43:11 ----D---- C:\Windows\system32\wbem
2018-02-09 22:43:11 ----D---- C:\Windows\system32\drivers\en-US
2018-02-09 22:43:07 ----RSD---- C:\Windows\Fonts
2018-02-09 22:43:05 ----D---- C:\Windows\system32\DriverStore
2018-02-09 22:42:50 ----D---- C:\Windows\inf
2018-02-09 22:38:06 ----D---- C:\Windows\system32\catroot2
2018-02-09 21:45:47 ----D---- C:\Windows\system32\NDF
2018-02-09 17:07:57 ----D---- C:\Windows\system32\wfp
2018-02-09 17:06:46 ----D---- C:\Windows\system32\Boot
2018-02-09 17:06:38 ----D---- C:\Windows\registration
2018-02-08 21:18:19 ----SHD---- C:\Windows\Installer
2018-02-02 22:07:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-02-02 17:21:31 ----D---- C:\Windows\system32\Tasks
2018-02-02 17:15:02 ----D---- C:\Windows\Tasks
2018-02-02 17:13:58 ----D---- C:\Windows\system32\drivers\etc
2018-01-28 11:22:36 ----D---- C:\Windows\Microsoft.NET
2018-01-28 10:18:13 ----SHD---- C:\Config.Msi
2018-01-23 19:02:26 ----D---- C:\Windows\debug
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [2018-01-09 157376]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblogx.sys [2018-01-09 276696]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [2018-01-09 50344]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-01-09 70832]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-01-09 294680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-01-09 158224]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [2018-01-09 255584]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-01-09 118144]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-08-20 39752]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-01-09 99528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-01-09 783104]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-01-11 390256]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-01-11 123880]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-01-09 151328]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-01-09 42824]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 taphss6;Anchorfree HSS VPN Adapter; C:\Windows\system32\DRIVERS\taphss6.sys [2013-02-22 37064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192]
S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-01-09 301168]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2018-01-09 5906816]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 gupdate;Storitev Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-26 1045256]
S3 gupdatem;Storitev Posodobitve za Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-12-29 104960]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-25 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2017-10-04 47200]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
-----------------EOF-----------------
Ako sa do hory volá, taká Katka
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zpomaleny pc prosim o kontrolu
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?