2 PCs and a shared problem - 2nd computer

#1 Post by turquoisefly »

I previously posted a request to have the first PC checked; now I would like to add the second one here. On this one, Avast keeps detecting an infection - URL:Mal. New windows started opening in Firefox, and eventually the computer began restarting on its own, with the interval getting shorter. I booted it in safe mode, where it stays up, and I am asking for the logs to be checked. Thanks a lot!

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Ilpeva (administrator) on ILPEVA-PC on 25-07-2015 13:34:36
Running from C:\Users\Ilpeva\Desktop
Loaded Profiles: Ilpeva (Available Profiles: Ilpeva)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(forum.viry.cz) C:\Users\Ilpeva\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-417826297-2065636235-3177541415-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-417826297-2065636235-3177541415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {0ADA1816-069D-4B37-9079-E08CE0E3D5D2} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {39E03545-D27B-4C7F-AA51-755F6D46B273} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {40C0DD75-9C5A-408E-8739-AA61058D255D} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {523E032A-9B10-4954-B6D6-58DAD85EAF69} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {73E8F03A-EF64-4528-8CEC-4A40D77E543A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {856F6AA3-D4D1-4906-9561-62289121A71F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {9B543D5F-09A2-4ADE-B16F-9A0042336E66} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {A5FE8CF9-87B1-4166-BD85-FB735B011423} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {B19C74F4-3059-426F-BBF9-2436B9428590} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
Tcpip\Parameters: [DhcpNameServer] 83.240.0.215 83.240.0.136
Tcpip\..\Interfaces\{FD38A19A-E4ED-411C-A3BB-3E78CAFAEC7C}: [DhcpNameServer] 83.240.0.215 83.240.0.136

FireFox:
========
FF ProfilePath: C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: ConaveurTApups - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\Extensions\f@2yT.net [2015-07-21]
FF Extension: MonsoonReuvuenue - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\Extensions\r@YRztkG.com [2015-07-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-29]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
S2 ff39eb65; c:\Program Files (x86)\coolsoft\coolsoft.dll [2549248 2015-07-20] () [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-29] (Disc Soft Ltd)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 13:34 - 2015-07-25 13:34 - 00009541 _____ C:\Users\Ilpeva\Desktop\FRST.txt
2015-07-25 13:34 - 2015-07-25 13:34 - 00000000 ____D C:\FRST
2015-07-25 13:33 - 2015-07-25 13:33 - 00112640 _____ (forum.viry.cz) C:\Users\Ilpeva\Desktop\FRSTLauncher.exe
2015-07-25 12:15 - 2015-07-25 12:14 - 01222144 _____ C:\Users\Ilpeva\Desktop\RSITx64.exe
2015-07-25 12:13 - 2015-07-25 12:13 - 02135552 _____ (Farbar) C:\Users\Ilpeva\Desktop\FRST64.exe
2015-07-21 14:57 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 14:57 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 14:57 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 14:57 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 07:23 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\Validity
2015-07-21 07:23 - 2015-07-22 07:00 - 00000000 ____D C:\Program Files (x86)\ConaveurTApups
2015-07-21 07:23 - 2015-07-22 07:00 - 00000000 ____D C:\Program Files (x86)\CeonvertApaps
2015-07-21 07:02 - 2015-07-25 11:47 - 00001848 _____ C:\Windows\setupact.log
2015-07-21 07:02 - 2015-07-21 07:02 - 00000000 _____ C:\Windows\setuperr.log
2015-07-20 15:35 - 2015-07-20 15:35 - 00000218 _____ C:\Users\Ilpeva\AppData\Local\recently-used.xbel
2015-07-20 14:09 - 2015-07-21 17:08 - 00001058 _____ C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
2015-07-20 12:31 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\ReplliApp
2015-07-20 12:31 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\MonsoonReuvuenue
2015-07-20 12:31 - 2015-07-21 07:23 - 00000000 ____D C:\ProgramData\13577716749516954695
2015-07-20 12:31 - 2015-07-20 18:31 - 00000000 ____D C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
2015-07-20 08:09 - 2015-07-20 08:09 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\Google
2015-07-20 08:09 - 2015-07-20 08:09 - 00000000 ____D C:\Program Files (x86)\coolsoft
2015-07-19 21:47 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 21:47 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-15 07:25 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 07:25 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 07:25 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 07:25 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 07:25 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 07:25 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 07:25 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 07:25 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 07:25 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 07:25 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 07:25 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 07:25 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 07:25 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 07:25 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 07:25 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 07:25 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 07:25 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 07:25 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 07:25 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 07:25 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 07:25 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 07:25 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 07:25 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 07:25 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 07:25 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 07:25 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 07:25 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 07:25 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 07:25 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 07:25 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 07:25 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 07:25 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 07:25 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 07:25 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 07:25 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 07:25 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 07:25 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 07:25 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 07:25 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 07:25 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 07:25 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 07:25 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 07:25 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 07:25 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 07:25 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 07:25 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 07:25 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 07:25 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 07:25 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 07:25 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 07:25 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 07:25 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 07:25 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 07:25 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 07:24 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 07:24 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 07:24 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 07:24 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 07:24 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 07:24 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 07:24 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 07:24 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 07:24 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 07:24 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 07:24 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 07:24 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 07:24 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 07:24 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 07:24 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 07:24 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 07:24 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 07:24 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 07:24 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 07:24 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 07:24 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 07:24 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 07:24 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 07:24 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 07:24 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 07:24 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 07:24 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 07:24 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 07:24 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 07:24 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 07:24 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 07:24 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 07:24 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 07:24 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 07:23 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 07:23 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 07:23 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 07:23 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 07:23 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 07:23 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 07:23 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 07:23 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 07:23 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 07:23 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 07:23 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 07:23 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 07:23 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 07:23 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 07:23 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-13 00:21 - 2015-07-16 07:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-13 00:21 - 2015-07-16 07:33 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 00:21 - 2015-07-13 00:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-13 00:20 - 2015-07-13 00:23 - 00000000 ____D C:\ProgramData\Adobe
2015-07-11 20:12 - 2015-07-12 14:59 - 00000000 ____D C:\Users\Ilpeva\Documents\MightAndMagicXLegacy
2015-07-11 15:58 - 2015-07-11 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might & Magic X - Legacy
2015-07-06 09:28 - 2015-07-06 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:29 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-28 11:26 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-28 11:26 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-28 11:26 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 13:34 - 2014-11-29 23:28 - 00000000 ____D C:\Users\Ilpeva\Desktop\věci
2015-07-25 13:08 - 2015-03-04 08:26 - 00668564 _____ C:\Windows\system32\perfh005.dat
2015-07-25 13:08 - 2015-03-04 08:26 - 00141210 _____ C:\Windows\system32\perfc005.dat
2015-07-25 13:08 - 2015-03-01 17:12 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 11:45 - 2014-11-30 11:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-25 11:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 11:43 - 2014-11-30 12:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 11:34 - 2015-03-01 17:10 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:34 - 2015-03-01 17:10 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:29 - 2014-11-29 22:49 - 01633735 _____ C:\Windows\WindowsUpdate.log
2015-07-25 09:38 - 2015-04-04 16:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 16:17 - 2015-03-01 17:11 - 00411872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 23:09 - 2015-01-07 21:39 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\CrashDumps
2015-07-20 15:34 - 2014-11-30 00:12 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\BitLord
2015-07-20 12:34 - 2014-11-29 23:40 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
2015-07-20 12:34 - 2006-01-01 01:01 - 00000000 ____D C:\Windows\Minidump
2015-07-20 10:50 - 2015-05-19 07:47 - 00000000 ____D C:\Users\Ilpeva\Documents\The Witcher 3
2015-07-20 09:12 - 2015-01-18 17:31 - 00000000 ____D C:\Users\Ilpeva\Desktop\GMS
2015-07-19 21:48 - 2014-11-30 11:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-16 09:33 - 2015-04-04 16:26 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 09:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 07:17 - 2014-11-30 16:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 07:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 07:16 - 2014-12-10 08:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 07:14 - 2015-03-01 15:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 07:00 - 2014-11-30 16:21 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 06:53 - 2014-11-29 23:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-15 07:43 - 2014-11-30 12:55 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 07:43 - 2014-11-30 12:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 07:43 - 2014-11-30 12:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 07:00 - 2009-07-14 07:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-14 21:06 - 2014-11-30 11:38 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-14 21:06 - 2014-11-30 11:38 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 21:05 - 2015-03-01 17:12 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-14 21:05 - 2014-11-30 11:38 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-13 00:24 - 2014-11-30 13:00 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\Adobe
2015-07-13 00:23 - 2014-11-30 12:55 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\Adobe
2015-07-13 00:22 - 2015-03-01 15:53 - 00000000 ____D C:\Users\Ilpeva\Desktop\Office
2015-07-11 15:45 - 2015-01-02 11:22 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\Setup Integrity Check
2015-07-06 16:20 - 2015-01-01 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-03-01 17:11 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 06:28 - 2014-11-30 11:25 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-28 11:30 - 2014-11-30 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-28 11:26 - 2015-06-01 19:19 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-27 08:52 - 2014-11-29 23:45 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys

==================== Files in the root of some directories =======

2014-11-30 00:12 - 2015-07-20 15:07 - 0000000 _____ () C:\Users\Ilpeva\AppData\Roaming\bitlord_log.txt
2015-07-20 15:35 - 2015-07-20 15:35 - 0000218 _____ () C:\Users\Ilpeva\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 04:31




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Nový svazek) (Fixed) (Total:244.14 GB) (Free:29.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:687.37 GB) (Free:106.74 GB) NTFS
Drive f: () (Fixed) (Total:55.89 GB) (Free:14.54 GB) NTFS
Drive h: (ČERVENÁ2) (Removable) (Total:3.77 GB) (Free:1.24 GB) FAT32

Available physical RAM: 3190.42 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 55.9 GB) (Disk ID: 80368036)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 84FB1F93)
Partition 1: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ilpeva\Desktop" je 49140 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(9.03 KiB) Downloaded 53 times

turquoisefly
Visitor
Posts: 64
Joined: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#2 Post by turquoisefly »

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ilpeva at 2015-07-25 13:37:09
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 30 GB (12%) free of 250 GB
Total RAM: 4094 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:37:19, on 25.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Program Files\trend micro\Ilpeva.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7221 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="1356.0.129834669\87146772" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1356 "\\.\pipe\gecko-crash-server-pipe.1356" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --proxy-stub-channel=Flash1744.739ED9E8.32327 --host-broker-channel=Flash1744.739ED9E8.28678 --host-pid=1744 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --channel=512.0046F28C.1710580611 --proxy-stub-channel=Flash1744.739ED9E8.32327 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll" --host-npapi-version=28 --type=renderer
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Ilpeva\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\
f@2yT.net
r@YRztkG.com

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-14 1710056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-07-14 1710056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-25 13:37:09 ----D---- C:\rsit
2015-07-25 13:37:09 ----D---- C:\Program Files\trend micro
2015-07-25 13:34:33 ----D---- C:\FRST
2015-07-25 11:51:50 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 14:57:25 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 07:23:52 ----D---- C:\Program Files (x86)\ConaveurTApups
2015-07-21 07:23:48 ----D---- C:\Program Files (x86)\CeonvertApaps
2015-07-21 07:23:39 ----D---- C:\Program Files (x86)\Validity
2015-07-21 07:23:32 ----D---- C:\Program Files (x86)\ConveRRtApps
2015-07-20 12:31:44 ----D---- C:\Program Files (x86)\ReplliApp
2015-07-20 12:31:37 ----D---- C:\ProgramData\13577716749516954695
2015-07-20 12:31:27 ----D---- C:\Program Files (x86)\MonsoonReuvuenue
2015-07-20 12:31:06 ----D---- C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
2015-07-20 08:09:39 ----D---- C:\Program Files (x86)\coolsoft
2015-07-20 08:09:23 ----D---- C:\Users\Ilpeva\AppData\Roaming\Google
2015-07-19 21:47:48 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-19 21:47:48 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-07-15 07:25:30 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 07:25:29 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wups.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 07:25:23 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 07:25:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 07:25:21 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 07:25:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 07:25:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 07:25:20 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 07:25:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 07:25:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 07:25:15 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 07:25:14 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 07:25:14 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 07:25:13 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 07:25:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 07:25:11 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 07:25:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 07:25:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 07:25:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 07:25:07 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 07:25:07 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 07:25:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 07:25:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 07:25:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 07:25:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 07:25:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 07:25:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 07:25:01 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 07:24:58 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 07:24:55 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 07:24:54 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 07:24:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 07:24:48 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 07:24:48 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 07:24:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 07:24:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 07:24:22 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 07:24:22 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 07:24:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 07:24:21 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 07:24:21 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 07:23:59 ----A---- C:\Windows\system32\msi.dll
2015-07-15 07:23:58 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 07:23:58 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 07:23:58 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 07:23:58 ----A---- C:\Windows\system32\consent.exe
2015-07-15 07:23:58 ----A---- C:\Windows\system32\authui.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 07:23:57 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 07:23:57 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 07:23:57 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\rdpudd.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-07-15 07:23:42 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 07:23:41 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 07:23:41 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 07:23:41 ----A---- C:\Windows\system32\acmigration.dll
2015-07-13 00:21:04 ----D---- C:\Program Files (x86)\Adobe
2015-07-13 00:20:46 ----D---- C:\ProgramData\Adobe
2015-07-06 09:28:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:29:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-28 11:26:28 ----A---- C:\Windows\system32\nvhdap64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-28 11:26:27 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2015-07-25 13:37:09 ----RD---- C:\Program Files
2015-07-25 13:37:09 ----D---- C:\Windows\Temp
2015-07-25 13:35:31 ----D---- C:\Windows
2015-07-25 13:08:32 ----HD---- C:\Windows\System32
2015-07-25 13:08:32 ----D---- C:\Windows\inf
2015-07-25 13:08:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-25 11:45:07 ----D---- C:\ProgramData\NVIDIA
2015-07-25 09:41:07 ----SHD---- C:\System Volume Information
2015-07-25 09:38:59 ----D---- C:\Windows\system32\config
2015-07-25 09:38:56 ----SD---- C:\Windows\system32\GWX
2015-07-21 16:20:07 ----D---- C:\Windows\winsxs
2015-07-21 16:17:29 ----D---- C:\Windows\SysWOW64
2015-07-21 08:20:39 ----D---- C:\Windows\Prefetch
2015-07-21 07:23:52 ----RD---- C:\Program Files (x86)
2015-07-20 18:31:15 ----D---- C:\Windows\Tasks
2015-07-20 18:31:15 ----D---- C:\Windows\system32\Tasks
2015-07-20 15:34:54 ----D---- C:\Users\Ilpeva\AppData\Roaming\BitLord
2015-07-20 15:07:29 ----A---- C:\Users\Ilpeva\AppData\Roaming\bitlord_log.txt
2015-07-20 12:34:22 ----D---- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
2015-07-20 12:34:11 ----D---- C:\Windows\Minidump
2015-07-20 12:34:11 ----D---- C:\Windows\Logs
2015-07-20 12:34:11 ----D---- C:\Windows\debug
2015-07-20 12:31:37 ----HD---- C:\ProgramData
2015-07-19 21:48:57 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-19 21:48:30 ----D---- C:\Windows\system32\DriverStore
2015-07-19 21:48:08 ----D---- C:\Windows\system32\drivers
2015-07-16 09:33:59 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 09:13:49 ----D---- C:\Windows\rescache
2015-07-16 07:34:28 ----SHD---- C:\Windows\Installer
2015-07-16 07:17:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 07:17:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-16 07:17:06 ----D---- C:\Windows\system32\en-US
2015-07-16 07:17:06 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 07:17:06 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 07:17:05 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:17:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 07:17:00 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 07:16:59 ----D---- C:\Windows\system32\wbem
2015-07-16 07:16:59 ----D---- C:\Windows\system32\appraiser
2015-07-16 07:16:59 ----D---- C:\Windows\AppPatch
2015-07-16 07:14:59 ----D---- C:\ProgramData\Microsoft Help
2015-07-16 07:00:41 ----D---- C:\Windows\system32\MRT
2015-07-15 07:43:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 07:22:41 ----D---- C:\Windows\system32\catroot2
2015-07-14 21:06:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-07-14 21:06:07 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-07-14 21:05:57 ----A---- C:\Windows\system32\nvspcap64.dll
2015-07-14 21:05:57 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-07-13 00:24:34 ----D---- C:\Users\Ilpeva\AppData\Roaming\Adobe
2015-07-13 00:21:04 ----D---- C:\Program Files (x86)\Common Files
2015-07-06 16:20:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-03 06:28:26 ----A---- C:\Windows\system32\nvaudcap64v.dll
2015-06-28 11:26:35 ----D---- C:\ProgramData\boost_interprocess

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-07 93528]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-29 283064]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-07 65736]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-07 272248]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-07 1047320]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-07 29168]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-07 89944]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-07 137288]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-17 21712]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-14 19600]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-01-01 35064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-07 343336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 ff39eb65;coolsoft; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-14 1155216]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-14 1871504]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-14 5544592]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#3 Post by Rudy »

Hello!
How does your operating system stand in terms of legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#4 Post by turquoisefly »

It's a friend's PC, and he is away right now, but I also hope it is legal.

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#5 Post by Rudy »

So once again, post the log from OTL, as in the previous thread.

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#6 Post by turquoisefly »

OK... thank you for taking the time to help us.

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#7 Post by Rudy »

You're welcome.

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#8 Post by turquoisefly »

Log:

OTL logfile created on: 25.7.2015 22:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ilpeva\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,87% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,14 Gb Total Space | 28,48 Gb Free Space | 11,67% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 106,76 Gb Free Space | 15,53% Space Free | Partition Type: NTFS
Drive F: | 55,89 Gb Total Space | 14,54 Gb Free Space | 26,01% Space Free | Partition Type: NTFS

Computer Name: ILPEVA-PC | User Name: Ilpeva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.07.25 22:18:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
PRC - [2015.07.14 21:06:59 | 002,631,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.07.14 21:06:54 | 001,871,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.07.06 09:28:12 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.06.17 08:03:11 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015.05.11 21:16:22 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.05.07 21:15:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe


========== Modules (No Company Name) ==========

MOD - [2015.07.14 21:06:59 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.05.07 21:15:52 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.05.07 21:15:50 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.04.17 07:23:01 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015.07.14 21:06:53 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.07.14 21:06:52 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2015.06.20 21:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.05.07 21:15:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (ff39eb65)
SRV - [2015.07.15 07:43:21 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.07.14 21:06:54 | 001,871,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.07.06 09:28:11 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.06.17 08:03:11 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.04.12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.07.14 21:06:52 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.07.03 06:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.06.27 08:52:14 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015.06.17 11:10:27 | 000,204,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.05.07 21:15:55 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.05.07 21:15:55 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.05.07 21:15:55 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.05.07 21:15:55 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.05.07 21:15:55 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.05.07 21:15:54 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.05.07 21:15:46 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2015.01.01 21:46:45 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014.11.29 23:40:29 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.04.23 13:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2007.04.23 13:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 13:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 13:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 13:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV - [2015.01.17 19:44:00 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{0ADA1816-069D-4B37-9079-E08CE0E3D5D2}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{39E03545-D27B-4C7F-AA51-755F6D46B273}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{40C0DD75-9C5A-408E-8739-AA61058D255D}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{523E032A-9B10-4954-B6D6-58DAD85EAF69}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{73E8F03A-EF64-4528-8CEC-4A40D77E543A}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{856F6AA3-D4D1-4906-9561-62289121A71F}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{9B543D5F-09A2-4ADE-B16F-9A0042336E66}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{A5FE8CF9-87B1-4166-BD85-FB735B011423}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{B19C74F4-3059-426F-BBF9-2436B9428590}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.05.07 21:15:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.01.01 21:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Extensions
[2015.07.21 07:23:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions
[2015.07.21 07:23:53 | 000,000,000 | ---D | M] (ConaveurTApups) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\f@2yT.net
[2015.07.20 12:32:16 | 000,000,000 | ---D | M] (MonsoonReuvuenue) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\r@YRztkG.com
[2015.07.06 09:28:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.07.06 09:28:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-417826297-2065636235-3177541415-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.215 83.240.0.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD38A19A-E4ED-411C-A3BB-3E78CAFAEC7C}: DhcpNameServer = 83.240.0.215 83.240.0.136
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.01.01 21:59:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.01.11 21:57:14 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8bf01b3c-91da-11e4-b68a-001a4d6524fd}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf01b3c-91da-11e4-b68a-001a4d6524fd}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.07.25 22:18:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
[2015.07.25 13:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.07.25 13:37:09 | 000,000,000 | ---D | C] -- C:\rsit
[2015.07.25 13:34:33 | 000,000,000 | ---D | C] -- C:\FRST
[2015.07.25 12:24:09 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\AppData\Local\ElevatedDiagnostics
[2015.07.25 12:13:50 | 002,135,552 | ---- | C] (Farbar) -- C:\Users\Ilpeva\Desktop\FRST64.exe
[2015.07.21 14:57:25 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.21 14:57:24 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.21 14:57:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.21 14:57:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.21 14:57:24 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.21 14:57:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.21 14:57:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.21 14:57:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.21 07:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConaveurTApups
[2015.07.21 07:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CeonvertApaps
[2015.07.21 07:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Validity
[2015.07.21 07:23:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConveRRtApps
[2015.07.20 12:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReplliApp
[2015.07.20 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\13577716749516954695
[2015.07.20 12:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonsoonReuvuenue
[2015.07.20 12:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
[2015.07.20 08:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\coolsoft
[2015.07.20 08:09:23 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\AppData\Roaming\Google
[2015.07.19 21:47:48 | 000,065,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015.07.19 21:47:48 | 000,047,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015.07.15 07:25:30 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015.07.15 07:25:29 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015.07.15 07:25:27 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.15 07:25:27 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.15 07:25:27 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.15 07:25:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.15 07:25:27 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.15 07:25:27 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.15 07:25:27 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.15 07:25:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.15 07:25:27 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.15 07:25:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.15 07:25:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.15 07:25:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.15 07:25:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.15 07:25:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.15 07:25:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.15 07:25:21 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.07.15 07:25:20 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.07.15 07:25:20 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.07.15 07:25:19 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.07.15 07:25:16 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.15 07:25:14 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.15 07:25:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.07.15 07:25:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.07.15 07:25:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.07.15 07:25:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.07.15 07:25:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.07.15 07:25:08 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.07.15 07:25:07 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.07.15 07:25:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.07.15 07:25:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.07.15 07:25:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.07.15 07:25:04 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.07.15 07:25:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.07.15 07:25:04 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.07.15 07:25:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.07.15 07:25:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.07.15 07:25:03 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.07.15 07:25:03 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.07.15 07:25:03 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.07.15 07:25:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.07.15 07:25:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.07.15 07:25:01 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.07.15 07:25:01 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.07.15 07:24:59 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.07.15 07:24:59 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.07.15 07:24:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.07.15 07:24:59 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.07.15 07:24:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.07.15 07:24:58 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.07.15 07:24:56 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.07.15 07:24:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.07.15 07:24:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.07.15 07:24:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.07.15 07:24:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.07.15 07:24:54 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.07.15 07:24:48 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.15 07:24:44 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.07.15 07:24:44 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.07.15 07:24:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015.07.15 07:24:24 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.15 07:24:23 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.15 07:24:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.15 07:24:22 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.07.15 07:24:22 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.15 07:24:22 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.15 07:24:22 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.15 07:24:22 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.15 07:24:22 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.15 07:24:22 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.15 07:24:22 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.15 07:24:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.15 07:24:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.15 07:24:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.15 07:24:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.15 07:23:59 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015.07.15 07:23:58 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015.07.15 07:23:58 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015.07.15 07:23:58 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015.07.15 07:23:57 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015.07.15 07:23:57 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015.07.15 07:23:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015.07.15 07:23:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015.07.15 07:23:47 | 001,112,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015.07.15 07:23:47 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015.07.15 07:23:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2015.07.15 07:23:42 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.15 07:23:42 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.15 07:23:42 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.15 07:23:42 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.15 07:23:42 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.15 07:23:41 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.15 07:23:41 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.15 07:23:41 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.13 00:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015.07.13 00:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015.07.13 00:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015.07.11 20:12:31 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\Documents\MightAndMagicXLegacy
[2015.07.11 15:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might & Magic X - Legacy
[2015.07.06 09:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.06.28 11:29:32 | 000,571,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.06.28 11:26:28 | 000,040,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015.06.28 11:26:27 | 030,481,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.06.28 11:26:27 | 022,947,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.06.28 11:26:27 | 016,145,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.06.28 11:26:27 | 013,263,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.06.28 11:26:27 | 001,898,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435330.dll
[2015.06.28 11:26:27 | 001,557,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435330.dll
[2015.06.28 11:26:27 | 001,099,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.06.28 11:26:27 | 001,060,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.06.28 11:26:27 | 001,050,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.06.28 11:26:27 | 000,982,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.06.28 11:26:27 | 000,975,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.06.28 11:26:27 | 000,938,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.06.28 11:26:27 | 000,503,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015.06.28 11:26:27 | 000,408,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015.06.28 11:26:27 | 000,407,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015.06.28 11:26:27 | 000,364,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015.06.28 11:26:27 | 000,204,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015.06.28 11:26:27 | 000,176,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.06.28 11:26:27 | 000,155,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.06.28 11:26:27 | 000,150,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.06.28 11:26:27 | 000,128,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.06.28 11:26:26 | 015,866,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.06.28 11:26:26 | 014,497,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.06.28 11:26:26 | 011,831,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.06.28 11:26:26 | 002,932,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.06.28 11:26:26 | 002,599,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

========== Files - Modified Within 30 Days ==========

[2015.07.25 22:22:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.07.25 22:18:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
[2015.07.25 21:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.07.25 21:28:07 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.07.25 21:28:07 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.07.25 20:49:49 | 001,583,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.07.25 20:49:49 | 000,668,564 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.07.25 20:49:49 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.07.25 20:49:49 | 000,141,210 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.07.25 20:49:49 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.07.25 20:42:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.07.25 15:43:48 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2015.07.25 12:14:46 | 001,222,144 | ---- | M] () -- C:\Users\Ilpeva\Desktop\RSITx64.exe
[2015.07.25 12:13:44 | 002,135,552 | ---- | M] (Farbar) -- C:\Users\Ilpeva\Desktop\FRST64.exe
[2015.07.21 17:08:48 | 000,001,058 | ---- | M] () -- C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
[2015.07.21 16:17:55 | 000,411,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.07.20 15:35:08 | 000,000,218 | ---- | M] () -- C:\Users\Ilpeva\AppData\Local\recently-used.xbel
[2015.07.15 07:43:21 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.07.15 07:43:21 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.07.15 05:19:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.15 05:19:50 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.15 05:19:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.15 05:19:45 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.15 03:59:42 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.14 21:06:08 | 001,423,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2015.07.14 21:06:07 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015.07.14 21:05:57 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015.07.14 21:05:57 | 001,710,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2015.07.09 19:59:59 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.09 19:58:41 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.09 19:58:31 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.09 19:58:26 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.09 19:58:24 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.09 19:58:23 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.09 19:58:23 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.09 19:50:11 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.04 20:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.03 06:28:26 | 000,069,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2015.07.03 06:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015.07.03 06:28:25 | 000,065,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015.07.02 22:46:34 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.02 22:12:26 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.01 22:49:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.01 22:49:45 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.01 22:49:42 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.01 22:49:41 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.01 22:49:23 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.01 22:49:11 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.01 22:48:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.01 22:47:18 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.01 22:43:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.01 22:43:37 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.01 22:39:24 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.01 22:29:46 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.01 22:27:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.01 22:26:52 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.01 22:24:59 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.06.27 08:52:14 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswsp.sys
[2015.06.27 04:47:11 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.06.27 04:43:26 | 005,923,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.06.27 03:58:17 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll

========== Files Created - No Company Name ==========

[2015.07.25 22:22:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.07.25 12:15:02 | 001,222,144 | ---- | C] () -- C:\Users\Ilpeva\Desktop\RSITx64.exe
[2015.07.20 15:35:08 | 000,000,218 | ---- | C] () -- C:\Users\Ilpeva\AppData\Local\recently-used.xbel
[2015.07.20 14:09:18 | 000,001,058 | ---- | C] () -- C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
[2015.07.13 00:21:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.06.28 11:26:26 | 042,729,104 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2015.06.28 11:26:26 | 037,748,880 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2014.11.30 11:33:00 | 001,557,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.11.29 23:36:53 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.11.29 23:36:53 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.11.29 23:36:53 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.11.29 23:36:53 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.03.07 18:50:44 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\11bitstudios
[2014.11.29 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\AVAST Software
[2015.07.20 15:34:54 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\BitLord
[2015.07.20 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
[2015.01.04 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\MPC-HC
[2014.12.06 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect
[2014.11.30 00:13:17 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Python-Eggs
[2015.06.14 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz
[2014.12.02 00:30:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Steam
[2015.01.01 23:18:18 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Synei
[2015.04.25 10:12:15 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Trine3
[2015.05.10 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.11.30 12:55:56 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.03.07 18:50:44 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\11bitstudios
[2015.07.13 00:24:34 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Adobe
[2014.11.29 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\AVAST Software
[2015.07.20 15:34:54 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\BitLord
[2015.07.20 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
[2015.07.20 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Google
[2014.11.29 22:50:42 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Identities
[2015.03.08 14:47:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\InstallShield
[2014.11.30 13:00:30 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Macromedia
[2010.11.21 09:16:46 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Media Center Programs
[2015.06.11 07:16:41 | 000,000,000 | --SD | M] -- C:\Users\Ilpeva\AppData\Roaming\Microsoft
[2015.01.01 21:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Mozilla
[2015.01.04 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\MPC-HC
[2014.12.06 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect
[2015.01.21 11:58:43 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\NVIDIA
[2014.11.30 00:13:17 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Python-Eggs
[2015.03.08 15:05:41 | 000,000,000 | RH-D | M] -- C:\Users\Ilpeva\AppData\Roaming\SecuROM
[2015.06.14 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz
[2014.12.02 00:30:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Steam
[2015.01.01 23:18:18 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Synei
[2015.04.25 10:12:15 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Trine3
[2015.01.24 11:00:36 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\vlc
[2015.05.10 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood

< %APPDATA%\*.exe /s >
[2015.07.16 22:41:40 | 000,466,544 | ---- | M] (Google Inc.) -- C:\Users\Ilpeva\AppData\Roaming\Google\downloader.exe
[2015.01.24 10:39:45 | 000,158,000 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\FlashGot.exe
[2014.12.06 21:31:08 | 001,191,265 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect\Uninstall\unins000.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2015.05.10 20:17:51 | 000,988,513 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood\Uninstall\unins000.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.07.25 21:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014.12.12 19:21:24 | 007,394,584 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015.07.06 09:28:12 | 000,377,000 | ---- | M] (Mozilla Corporation) MD5=1CE7982AA6A983F4C49A32C8D624237B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.06.25 19:43:43 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=A7B6589F92C9CB498CDBA42EBEB23EE4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.07.25 22:22:23 | 000,000,512 | ---- | M] () MD5=E49349C52160A20C754B8A745A5B8A36 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.02.07 18:11:22 | 000,008,192 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\_win32sysloader.pyd
[2013.08.27 12:42:52 | 000,005,612 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\deluge-2.3.2_245-py2.6.egg\deluge\httpdownloader.pyc
[2011.07.06 14:32:14 | 000,001,878 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.07.06 14:32:14 | 000,014,336 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.05.13 08:52:27 | 000,057,592 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2015.05.13 08:52:27 | 000,065,784 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.05.13 08:52:27 | 000,073,976 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2015.05.13 08:52:27 | 000,090,872 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2015.04.17 07:22:56 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.04.17 07:22:56 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2015.04.09 02:58:18 | 000,057,592 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXLoader.dll
[2015.04.09 02:58:18 | 000,065,784 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXLoader64.dll
[2015.04.09 02:58:18 | 000,073,976 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXUpdateLoader.dll
[2015.04.09 02:58:18 | 000,090,872 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXUpdateLoader64.dll
[2015.05.13 08:52:27 | 000,057,592 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXLoader.dll
[2015.05.13 08:52:27 | 000,065,784 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXLoader64.dll
[2015.05.13 08:52:27 | 000,073,976 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXUpdateLoader.dll
[2015.05.13 08:52:27 | 000,090,872 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXUpdateLoader64.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVI2DownloaderExt.DLL
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.DLL
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.DLL
[2015.07.20 12:31:41 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\3E50\images\loader.gif
[2015.07.20 12:31:11 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\D1C0\images\loader.gif
[2015.07.20 12:31:17 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\FA00\images\loader.gif
[2015.07.16 22:41:40 | 000,466,544 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Google\downloader.exe
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\14059libfoxloader.dll
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\14063libfoxloader-x64.dll
[2015.05.28 07:23:17 | 000,000,165 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2015.03.01 15:04:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:11:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.12 01:11:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.efi.mui_35ee487d
[2015.03.12 01:11:48 | 000,034,752 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.exe.mui_3bc5b827
[2015.03.12 01:11:48 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.efi.mui_f412814e
[2015.03.12 01:11:48 | 000,030,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.exe.mui_ff8b5358
[2015.03.12 01:11:47 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.efi.mui_35ee487d
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.exe.mui_3bc5b827
[2015.03.12 01:11:48 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.efi.mui_f412814e
[2015.03.12 01:11:48 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.exe.mui_ff8b5358
[2015.03.12 01:11:56 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.03.12 01:11:56 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015.03.12 01:11:56 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015.03.12 01:11:57 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015.03.12 01:11:57 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.14 21:36:23 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.13 20:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 09:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2015.02.03 06:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.02.03 05:35:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2014.12.13 03:58:08 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_d5571c3e13b55aff.manifest
[2015.01.13 00:17:17 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_d53a7a6013cbe180.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.16 08:36:33 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_d53c7af413ca142e.manifest
[2015.01.27 07:32:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.01.27 06:02:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_d526db1c13da4c10.manifest
[2015.02.03 07:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.02.03 05:54:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_d52bdc8e13d5cac3.manifest
[2015.03.17 08:28:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_91faa7482cc099d9.manifest
[2015.03.17 07:14:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_d550f2a413baf637.manifest
[2015.04.27 22:33:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.04.27 21:23:13 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_d523b26013dd334d.manifest
[2015.05.25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.05.25 20:25:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_d505433013f3b9ce.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.12.12 08:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 05:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 06:22:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.03.17 07:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest
[2015.04.27 21:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.05.25 20:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:30 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:50:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_0c66c8adda4f651a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#9 Post by turquoisefly »

OTL Extras logfile created on: 25.7.2015 22:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ilpeva\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,87% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,14 Gb Total Space | 28,48 Gb Free Space | 11,67% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 106,76 Gb Free Space | 15,53% Space Free | Partition Type: NTFS
Drive F: | 55,89 Gb Total Space | 14,54 Gb Free Space | 26,01% Space Free | Partition Type: NTFS

Computer Name: ILPEVA-PC | User Name: Ilpeva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01098462-F18A-4D5C-BA8C-05897A955784}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14330F0D-8333-4D1D-AC88-1EAF25299E42}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{22E6BD89-989D-4ED6-93DE-253C576486BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C925185-80EB-4FAE-B115-8FCE1A96E5F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{344626C4-F172-4534-9E59-98F699789602}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3B5DBABF-8E4D-4D80-9A22-BF579903ACB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41BB20F1-53F3-4509-AA93-E4EE8E619B4F}" = rport=445 | protocol=6 | dir=out | app=system |
"{49EC3197-E4A4-4F5B-A703-B60651CF2740}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4B41BA76-6E69-4B83-936B-7347F217539D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{51FC1601-587C-4E2F-87A0-ACEFF4D54619}" = rport=138 | protocol=17 | dir=out | app=system |
"{549FC5C9-E41D-4A31-94B8-3037E526C350}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5697B823-9319-4889-890B-9A457A5857B9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B1278AF-1DBB-468F-9BC5-D709DAFE6504}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7825600F-BCBD-414A-8223-0E6A7322FFD3}" = lport=138 | protocol=17 | dir=in | app=system |
"{7BEA3377-9504-43D3-9127-2B65DE4E2AAA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FF0ECF2-69C0-4614-9392-E7EB2CC591B6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{83583CB7-DE1B-4C64-8543-1E8A9D5996EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E0ABBBD-FBBA-4EE4-B820-122A6497861B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A1F526F2-19A2-4673-BA33-1950181B9DC0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A88A4D5D-AE2F-4CA6-BC66-998554C0242A}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAE55392-B4D6-4EB4-AEF7-6FECA012E67F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AECEDE81-A2DF-4CEF-95D7-9FAD335A250E}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{CF6A3BF3-6E25-4652-8EFF-73B0B6E75B31}" = rport=139 | protocol=6 | dir=out | app=system |
"{D2E63107-D459-4F5B-8F06-39223CBC65CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D596D379-D5D5-4248-8575-F91CADFCF9E2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{DD866E0A-D082-4898-AA49-5C715D4E0460}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E80E2F26-5891-4117-B6EB-FA3ED00AC71D}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9ABBA08-D952-465F-9B95-BA334C4C26FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF00B98E-C21A-470A-A5DC-021CC19731EC}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F30324F3-6B31-4CD5-BA3A-7602417173FB}" = lport=445 | protocol=6 | dir=in | app=system |
"{F4CBA8AE-D898-4421-A4FE-FE78F32A869C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017548A9-DE37-4FF1-A7D6-84696DE1FBB1}" = protocol=6 | dir=in | app=c:\users\ilpeva\appdata\roaming\google\downloader.exe |
"{01DC512C-4FD4-46CF-A835-1E8D67E6CF62}" = protocol=6 | dir=in | app=d:\games\might & magic x legacy\might & magic x - legacy\might and magic x legacy.exe |
"{0A386803-449E-4672-9D24-F061A87BAFDA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{12226B57-6134-487A-926D-E94F66788976}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14AE464B-5A55-4658-B831-F405ED254258}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{161BA74C-76B8-4AFE-A994-F6E80F09F880}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{183868B5-08C4-4239-A34A-A62AF59686B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FEE2EF3-E312-4B81-8A11-9718E7819D85}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2F51C401-3655-4D38-B8C5-050462E61BE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F884907-4828-4C64-9292-FF877093E132}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A4E12D5-44CC-4A7B-BD33-6B0506CC7936}" = protocol=17 | dir=in | app=c:\users\ilpeva\appdata\roaming\google\downloader.exe |
"{3BA6FBE3-225C-4113-B44D-2CE6BCBD99C7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3ED11A7D-173C-4900-8D94-0E3504EF8D76}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{481B078E-9D5C-41EA-8C6F-BF1319A170AE}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic_online.exe |
"{70D2EA45-512E-4255-979D-D360017B5AD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77E63FA8-CB3F-42E8-B551-54742F13A3D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{802B9C98-CCA5-4E81-93F2-6AB20E36C78F}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic_ds.exe |
"{81B14AB1-0815-461D-85AA-2C89187D970E}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic_online.exe |
"{85B12B05-FD99-4C91-A7E3-DC0293A8FC06}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{86925E3F-36F0-4E75-8395-5121428D14CA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8AB813C6-5B78-496D-8EEB-D6E65EDB5DAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B55513C-A4EC-4609-8D6A-CFCC9C1BB980}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8CADCEA2-A3F9-49FA-BC02-19303C652037}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F410F21-33CB-42C5-AB7E-9C366FD0491A}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic.exe |
"{A3DB1020-70B8-44E1-BB71-BFD2B8FD337E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB0A2289-5BDD-4D3F-82BD-75EBF8369F28}" = protocol=17 | dir=in | app=d:\games\might & magic x legacy\might & magic x - legacy\might and magic x legacy.exe |
"{BCE2A7B0-95A7-4CC8-AE4E-E7F83B427969}" = protocol=17 | dir=in | app=d:\games\xcom\xcom - enemy within\binaries\win32\xcomew.exe |
"{C2C9C20C-3500-47C0-ADAA-0DE299C15301}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEB1859F-170A-43BD-AB64-C47BF21BAB32}" = protocol=6 | dir=in | app=d:\games\xcom\xcom - enemy within\binaries\win32\xcomew.exe |
"{CF702278-799C-47EC-B7A3-5E1C4A2880A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4F712DF-54B5-4963-8255-F8E152B0FCD9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E72542F4-3A53-430B-B2A5-5D8717253A47}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E8D91A0F-35CD-455F-97D4-6E0125FD5C10}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic.exe |
"{EAE4E3A0-7041-4E6E-B154-FF9E984968B8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ED36527F-0D72-4A03-AD32-5B836F08C323}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic_ds.exe |
"{EEF21C2A-A6D5-45D8-B15D-D85B4FA9AED7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF194D5D-9BCE-41DF-BB92-33A6EC54E5AE}" = protocol=6 | dir=out | app=system |
"TCP Query User{02CC1350-31AB-4B04-9881-AD71B7DC6E52}D:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe" = protocol=6 | dir=in | app=d:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe |
"TCP Query User{1370165F-31ED-49FC-9CF6-1FAF1D7B10BF}D:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe" = protocol=6 | dir=in | app=d:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe |
"TCP Query User{3D9369D5-2079-44A3-8B41-18488250DF34}C:\users\ilpeva\desktop\věci\starcrawlers.exe" = protocol=6 | dir=in | app=c:\users\ilpeva\desktop\věci\starcrawlers.exe |
"TCP Query User{6AD0F684-E384-4A30-95B9-26A8F2839B02}D:\games\grey goo\grey goo\instanceserverg.exe" = protocol=6 | dir=in | app=d:\games\grey goo\grey goo\instanceserverg.exe |
"TCP Query User{7E1991F8-B8C7-40AB-95B0-C7F5517DD39D}D:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe |
"TCP Query User{8B549DB8-A556-4E5D-A7FA-0B0034442CB9}D:\games\warhammer\dowar2r\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer\dowar2r\dow2.exe |
"TCP Query User{93C390CC-CDAC-4AD0-AF78-F95D72C2D4D2}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{C7047FEA-BE62-475B-8BD1-022206B3F1E0}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"TCP Query User{CB48F589-E34B-4048-9B05-8C862CF017A7}D:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe" = protocol=6 | dir=in | app=d:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe |
"TCP Query User{DB0B7CFA-11BF-4ADD-9849-05FF85BA4B1E}D:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe" = protocol=6 | dir=in | app=d:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe |
"TCP Query User{E1F068E1-6CCE-4394-966B-2C8E59907BB5}D:\games\divinity\divinity original sin\shipping\eocapp.exe" = protocol=6 | dir=in | app=d:\games\divinity\divinity original sin\shipping\eocapp.exe |
"TCP Query User{FDA6EDC6-D782-404B-B863-C1162FBA8561}D:\games\grey goo\grey goo\goog.exe" = protocol=6 | dir=in | app=d:\games\grey goo\grey goo\goog.exe |
"UDP Query User{05207A0F-72BF-49FC-9B91-0D3F9E3C2940}D:\games\grey goo\grey goo\instanceserverg.exe" = protocol=17 | dir=in | app=d:\games\grey goo\grey goo\instanceserverg.exe |
"UDP Query User{15519E8D-B3C4-456D-A6BB-C29391663875}D:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe" = protocol=17 | dir=in | app=d:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe |
"UDP Query User{35A2093F-8FEA-4C27-B795-2210F4481111}D:\games\grey goo\grey goo\goog.exe" = protocol=17 | dir=in | app=d:\games\grey goo\grey goo\goog.exe |
"UDP Query User{601AE1A3-C02C-4ECC-BD2F-6BC831F001D4}D:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe |
"UDP Query User{72656825-96E5-4896-81A9-8C3A20B6BB40}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"UDP Query User{82B95A0A-2B73-4F03-A0F3-CCF3678E0BEB}D:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe" = protocol=17 | dir=in | app=d:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe |
"UDP Query User{A75C000E-D4C2-4255-8817-FBB085E79448}D:\games\divinity\divinity original sin\shipping\eocapp.exe" = protocol=17 | dir=in | app=d:\games\divinity\divinity original sin\shipping\eocapp.exe |
"UDP Query User{AB161E38-6492-4873-9543-172D481E9071}D:\games\warhammer\dowar2r\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer\dowar2r\dow2.exe |
"UDP Query User{B894139D-3EF1-45A1-9644-B257822ABF18}C:\users\ilpeva\desktop\věci\starcrawlers.exe" = protocol=17 | dir=in | app=c:\users\ilpeva\desktop\věci\starcrawlers.exe |
"UDP Query User{C809DB8F-3869-4057-87D2-CAB9E23C474A}D:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe" = protocol=17 | dir=in | app=d:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe |
"UDP Query User{DF60B96F-E94A-4F32-8526-D4BDC5A46FD1}D:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe" = protocol=17 | dir=in | app=d:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe |
"UDP Query User{EAFED11D-5C15-48A4-8A1F-749E15DDF483}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.30
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.71.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ff39eb65}" = coolsoft
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.6
"{33224466-21HJ-19NB-01C0-41KL5M686AC}_is1" = Warhammer 40000 - Armageddon ver. 1.03
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34F9B822-7033-30EF-18C1-D999278F8053}" = MonsoonReuvuenue
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{51A7177D-D726-4E65-A816-3DC8778FEC02}_is1" = Act of Aggression
"{51D3E654-AC4F-9DFE-7D55-52D3CB4563E8}_is1" = aktivator-pro-windows-7-ultimate version for Windows
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9490A9E7-B0E9-D9EA-365C-3EE2B532055E}" = ConaveurTApups
"{969FB8EF-38D0-4607-CFDE-397D08A961A3}" = ReplliApp
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D8844ACB-1A60-463A-BDF5-F820BA353008}_is1" = "Might & Magic X - Legacy"
"{EE377223-72A9-4995-B3B6-8A056CA4CE5D}_is1" = "XCOM - Enemy Within"
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict: Soviet Assault
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"1207664643_is1" = The Witcher 3 - Wild Hunt
"1207666813_is1" = Pillars of Eternity
"1207666873_is1" = This War of Mine
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Alien Isolation Digital Deluxe Edition_is1" = Alien Isolation Digital Deluxe Edition version Alien Isolation Digital Deluxe Edition
"Alternative Look for Triss_is1" = Alternative Look for Triss
"Alternative Look for Yennefer_is1" = Alternative Look for Yennefer
"Avast" = Avast Free Antivirus
"Ballad Heroes - Neutral Gwent Card Set_is1" = Ballad Heroes - Neutral Gwent Card Set
"Beard and Hairstyle Set_is1" = Beard and Hairstyle Set
"BioShock Infinite_is1" = BioShock Infinite
"BitLord" = BitLord 2.3
"Blackguards2_is1" = Blackguards 2
"Brothers - A Tale of Two Sons_is1" = Brothers - A Tale of Two Sons
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dex_is1" = Dex
"Divinity Original Sin_is1" = Divinity Original Sin version 1.0.81.0
"DoWar2R_is1" = DoWar2R
"Elite Crossbow Set_is1" = Elite Crossbow Set
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOGPACKTHEWITCHER2EE_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Grey Goo_is1" = Grey Goo
"Joe Devers Lone Wolf HD Remastered_is1" = Joe Devers Lone Wolf HD Remastered
"Mozilla Firefox 39.0 (x86 cs)" = Mozilla Firefox 39.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Murdered - Soul Suspect_R.G. Mechanics_is1" = Murdered - Soul Suspect
"New Quest - Contract Missing Miners_is1" = New Quest - Contract Missing Miners
"New Quest - Contract: Skellige's Most Wanted_is1" = New Quest - Contract - Skellige's Most Wanted
"New Quest - Fool's Gold_is1" = New Quest - Fool's Gold
"New Quest - Scavenger Hunt: Wolf School Gear_is1" = New Quest - Scavenger Hunt - Wolf School Gear
"New Quest - Where the Cat and Wolf Play..._is1" = New Quest - Where the Cat and Wolf Play...
"Nilfgaardian Armor Set_is1" = Nilfgaardian Armor Set
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Ori and the Blind Forest_is1" = Ori and the Blind Forest
"Pillars of Eternity Kickstarter Item_is1" = Pillars of Eternity Kickstarter Item
"Pillars of Eternity Kickstarter Pet_is1" = Pillars of Eternity Kickstarter Pet
"Q2hpbGRvZkxpZ2h0_is1" = Child of Light
"QmF0bWFuQXJraGFtT3JpZ2lucw==_is1" = Batman Arkham Origins
"RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1" = Deus.Ex.Human.Revolution.Directors.Cut
"RW5kbGVzc0xlZ2VuZA==_is1" = Endless Legend
"SG9tZXdvcmxkUmVtYXN0ZXJlZENvbGxlY3Rpb24=_is1" = Homeworld Remastered Collection
"Sid Meier's Civilization V_is1" = Sid Meier's Civilization V
"Skellige Armor Set_is1" = Skellige Armor Set
"T3JkZXJvZkJhdHRsZVBhY2lmaWM=_is1" = Order of Battle: Pacific
"Temerian Armor Set_is1" = Temerian Armor Set
"The Witcher Adventure Game_is1" = The Witcher Adventure Game v1.0 / RePack by Azaq
"U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1" = Sid Meiers Civilization Beyond Earth
"Valkyria Chronicles_is1" = Valkyria Chronicles
"Wolfenstein - The Old Blood_R.G. Mechanics_is1" = Wolfenstein - The Old Blood
"Wolfenstein.The New Order.v 1.0.0.1_is1" = Wolfenstein.The New Order.v 1.0.0.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.4.2015 9:12:20 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 0:30:22 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 9:53:48 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 17:50:59 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 18:12:31 | Computer Name = Ilpeva-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files\CCleaner\CCleaner.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 4.4.2015 2:44:19 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 5.4.2015 10:56:46 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.4.2015 10:39:39 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 9.4.2015 8:05:23 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2015 9:36:26 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 25.7.2015 14:02:15 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:17 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:20 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:22 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:24 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:26 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:28 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:31 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:33 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 15:21:52 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.


< End of report >

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Ilpeva\Desktop" je 49140 MB.
That is too much; the size of the desktop directory can slow down system startup. Create a new directory in C:\Users\Ilpeva, move the data from the desktop into it (leave only the shortcuts), and for easier access put just a shortcut to that folder on the desktop.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#11 Post by turquoisefly »

Thanks, I'll do it, and I'll pull my buddy's ears over that desktop. :)

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#12 Post by turquoisefly »

Log:
Fix result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Ilpeva at 2015-07-26 12:26:10 Run:1
Running from C:\Users\Ilpeva\Desktop
Loaded Profiles: Ilpeva (Available Profiles: Ilpeva)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
End
*****************

"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.

==== End of Fixlog 12:26:10 ====

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#13 Post by Rudy »

Everything has been deleted. Has the problem gone away?

turquoisefly
Visitor
Posts: 64
Registered: 21 Jul 2008 11:27

Re: 2 PCs and a shared problem - 2nd computer

#14 Post by turquoisefly »

Thank you, it looks like everything is fine. You're great.

Rudy
Site Admin
Posts: 119675
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: 2 PCs and a shared problem - 2nd computer

#15 Post by Rudy »

You're welcome! :)

Locked