
PC virus removal, computer speed-up, remote help via the neslape.cz service
Slow computer, CPU and RAM maxed out
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello,
could I ask you to check my PC? It sometimes freezes, and just opening a window in Windows can take as long as a minute. The same happens when gaming. I used to play a game at maximum resolution; now I have to run the same game at 1024 and lower the details. When this happens, the fan runs at full speed and both the RAM and the CPU are fully loaded. On top of that, a nuisance called totaladperformance has appeared. I don't know whether the PC just can't cope anymore because it is several years old, or whether something is wrong with the system.
Athlon 64 X2 Dual core
RAM 2GB
Nvidia GeForce 9800 GT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Barborka at 2015-08-06 08:44:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 76 GB (46%) free of 164 GB
Total RAM: 2047 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:04, on 6.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barborka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8021 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2356.0.1269372741\2032199943" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.2.2076445052\1073195942" --font-cache-shared-handle=2008 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.3.1799245000\1379497339" --font-cache-shared-handle=2140 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.4.2067706929\294282139" --font-cache-shared-handle=1992 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.5.1660722288\1495055556" --font-cache-shared-handle=2316 /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.21.534748056\1522941780" --font-cache-shared-handle=4744 /prefetch:673131151
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.26.1021057340\1318630594" --font-cache-shared-handle=3588 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Barborka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-06 08:44:52 ----D---- C:\Program Files\trend micro
2015-08-06 08:44:51 ----D---- C:\rsit
2015-07-28 12:04:47 ----A---- C:\Windows\system32\generaltel.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\invagent.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\devinv.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\appraiser.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\aeinv.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\acmigration.dll
2015-07-28 12:04:44 ----A---- C:\Windows\system32\aepdu.dll
2015-07-28 12:04:43 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-27 00:20:33 ----A---- C:\Windows\system32\msvcr100.dll
2015-07-26 22:35:13 ----D---- C:\Windows\system32\appmgmt
2015-07-26 13:41:36 ----D---- C:\Users\Barborka\AppData\Roaming\Bioshock
2015-07-25 03:02:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-07-25 02:06:08 ----D---- C:\Users\Barborka\AppData\Roaming\NVIDIA
2015-07-25 01:35:33 ----D---- C:\Windows\SYSWOW64\AGEIA
2015-07-25 01:35:33 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-07-24 04:48:50 ----D---- C:\Users\Barborka\AppData\Roaming\Serif
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\atmfd.dll
2015-07-20 16:27:32 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-20 16:27:02 ----A---- C:\Windows\avastSS.scr
2015-07-19 23:38:56 ----D---- C:\Users\Barborka\AppData\Roaming\AIMP3
2015-07-19 23:38:52 ----D---- C:\Program Files (x86)\AIMP3
2015-07-18 16:51:59 ----D---- C:\ProgramData\Sun
2015-07-18 16:51:29 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-18 16:49:29 ----D---- C:\ProgramData\Oracle
2015-07-18 16:49:23 ----D---- C:\Program Files\Java
2015-07-15 10:47:30 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 10:47:30 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wups.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:47:20 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 10:47:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 10:47:18 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 10:47:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 10:47:17 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 10:47:17 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 10:47:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 10:47:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 10:47:07 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 10:47:06 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 10:47:06 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 10:46:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:46:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 10:46:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:46:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:46:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 10:46:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 10:46:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:46:00 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 10:46:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 10:45:59 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 10:45:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 10:45:58 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 10:45:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:44:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 10:44:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 10:44:00 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 10:44:00 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 10:43:48 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 10:43:48 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 10:43:44 ----A---- C:\Windows\system32\msi.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 10:43:43 ----A---- C:\Windows\system32\consent.exe
2015-07-15 10:43:43 ----A---- C:\Windows\system32\authui.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\rdpudd.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-07-10 11:02:24 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2015-07-10 11:01:59 ----D---- C:\Windows\PCHEALTH
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-10 10:59:41 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-07-10 10:59:07 ----D---- C:\Program Files\Microsoft Office
2015-07-10 10:58:34 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2015-07-10 10:57:39 ----D---- C:\Program Files (x86)\Microsoft Office
2015-07-10 10:57:38 ----D---- C:\ProgramData\Microsoft Help
2015-07-10 10:57:20 ----RHD---- C:\MSOCache
======List of files/folders modified in the last 1 month======
2015-08-06 08:44:54 ----D---- C:\Windows\Temp
2015-08-06 08:44:52 ----RD---- C:\Program Files
2015-08-05 19:50:14 ----D---- C:\Windows\system32\config
2015-08-05 19:46:47 ----D---- C:\ProgramData\NVIDIA
2015-08-05 08:15:30 ----D---- C:\Windows\Prefetch
2015-08-04 18:23:52 ----D---- C:\Windows\system32\drivers
2015-08-04 10:48:46 ----SHD---- C:\System Volume Information
2015-08-03 18:02:01 ----HD---- C:\ProgramData
2015-08-01 00:05:11 ----D---- C:\Windows
2015-08-01 00:04:29 ----D---- C:\Windows\Minidump
2015-07-30 23:12:38 ----D---- C:\Users\Barborka\AppData\Roaming\uTorrent
2015-07-28 14:16:24 ----SD---- C:\Windows\system32\CompatTel
2015-07-28 14:16:20 ----D---- C:\Windows\System32
2015-07-28 12:15:58 ----D---- C:\Windows\SoftwareDistribution
2015-07-28 12:02:03 ----D---- C:\Windows\system32\catroot2
2015-07-28 12:01:59 ----D---- C:\Windows\winsxs
2015-07-27 22:33:37 ----SHD---- C:\Windows\Installer
2015-07-27 22:28:57 ----D---- C:\Windows\SysWOW64
2015-07-26 22:34:59 ----RD---- C:\Program Files (x86)
2015-07-26 22:34:59 ----D---- C:\Program Files (x86)\Common Files
2015-07-25 13:18:07 ----SD---- C:\Windows\system32\GWX
2015-07-25 01:44:14 ----RSD---- C:\Windows\assembly
2015-07-24 04:35:52 ----RSD---- C:\Windows\Fonts
2015-07-20 18:11:20 ----SHD---- C:\$Recycle.Bin
2015-07-20 16:55:18 ----D---- C:\Windows\system32\Tasks
2015-07-18 16:42:33 ----D---- C:\Users\Barborka\AppData\Roaming\Skype
2015-07-17 14:21:17 ----D---- C:\Windows\inf
2015-07-17 14:21:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 22:15:38 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 14:13:51 ----D---- C:\Windows\rescache
2015-07-15 23:51:59 ----D---- C:\Windows\Tasks
2015-07-15 18:04:51 ----SD---- C:\Users\Barborka\AppData\Roaming\Microsoft
2015-07-15 17:18:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-15 17:18:33 ----D---- C:\Windows\system32\cs-CZ
2015-07-15 17:18:33 ----D---- C:\Windows\PolicyDefinitions
2015-07-15 17:18:32 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-15 17:18:32 ----D---- C:\Windows\system32\en-US
2015-07-15 17:18:32 ----D---- C:\Program Files\Internet Explorer
2015-07-15 17:18:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-15 17:18:27 ----D---- C:\Windows\system32\wbem
2015-07-15 17:18:27 ----D---- C:\Windows\system32\appraiser
2015-07-15 17:18:27 ----D---- C:\Windows\AppPatch
2015-07-15 12:01:16 ----D---- C:\Windows\system32\MRT
2015-07-15 00:49:08 ----D---- C:\Users\Barborka\AppData\Roaming\TS3Client
2015-07-10 14:19:27 ----D---- C:\Windows\Microsoft.NET
2015-07-10 11:03:18 ----D---- C:\Windows\ShellNew
2015-07-10 11:03:05 ----D---- C:\Program Files (x86)\MSBuild
2015-07-10 11:01:59 ----SD---- C:\ProgramData\Microsoft
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-07-10 11:00:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-07-10 10:59:02 ----A---- C:\Windows\win.ini
2015-07-08 07:41:55 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-02-28 564824]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-28 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-11-17 11576]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 acvxnv8y;acvxnv8y; C:\Windows\system32\drivers\acvxnv8y.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-04 1255736]
-----------------EOF-----------------
mohu požádat o prověření mého PC? Stává se že se seká a otevření třeba jen okna ve windows trvá i minutu. Při hraní to samé. Dřív jsem hrál hru na max rozlišení, teď musím tu samou hru spouštět na 1024 a stáhnout detaily. Když se děje tohle, větrák jede naplno a ram i procesor bývají vytížené naplno. Krom toho objevila se mi neplecha totaladperformance. Nevím jestli už to PC nezvládá jelikož už má nějaká léta, nebo je něco špatně v systému.
Athlon 64 X2 Dual core
RAM 2GB
Nvidia Gforce 9800 GT
Logfile of random's system information tool 1.10 (written by random/random)
Run by Barborka at 2015-08-06 08:44:51
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 76 GB (46%) free of 164 GB
Total RAM: 2047 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:04, on 6.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barborka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8021 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe"
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2356.0.1269372741\2032199943" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x0614 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.2.2076445052\1073195942" --font-cache-shared-handle=2008 /prefetch:673131151
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group5 pct:10e stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Stable_HQPDemotion_HUPDecay_Control_V3/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group5/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_26/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_16/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="2356.21.534748056\1522941780" --font-cache-shared-handle=4744 /prefetch:673131151
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\sppsvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Barborka\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18 551520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18 212576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"=C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [2012-10-23 3108480]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-20 6109776]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-06 08:44:52 ----D---- C:\Program Files\trend micro
2015-08-06 08:44:51 ----D---- C:\rsit
2015-07-28 12:04:47 ----A---- C:\Windows\system32\generaltel.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\invagent.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\devinv.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\appraiser.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\aeinv.dll
2015-07-28 12:04:46 ----A---- C:\Windows\system32\acmigration.dll
2015-07-28 12:04:44 ----A---- C:\Windows\system32\aepdu.dll
2015-07-28 12:04:43 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-27 00:20:33 ----A---- C:\Windows\system32\msvcr100.dll
2015-07-26 22:35:13 ----D---- C:\Windows\system32\appmgmt
2015-07-26 13:41:36 ----D---- C:\Users\Barborka\AppData\Roaming\Bioshock
2015-07-25 03:02:02 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-07-25 02:06:08 ----D---- C:\Users\Barborka\AppData\Roaming\NVIDIA
2015-07-25 01:35:33 ----D---- C:\Windows\SYSWOW64\AGEIA
2015-07-25 01:35:33 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-07-24 04:48:50 ----D---- C:\Users\Barborka\AppData\Roaming\Serif
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 07:34:26 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 07:34:26 ----A---- C:\Windows\system32\atmfd.dll
2015-07-20 16:27:32 ----A---- C:\Windows\system32\aswBoot.exe
2015-07-20 16:27:02 ----A---- C:\Windows\avastSS.scr
2015-07-19 23:38:56 ----D---- C:\Users\Barborka\AppData\Roaming\AIMP3
2015-07-19 23:38:52 ----D---- C:\Program Files (x86)\AIMP3
2015-07-18 16:51:59 ----D---- C:\ProgramData\Sun
2015-07-18 16:51:29 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-18 16:49:29 ----D---- C:\ProgramData\Oracle
2015-07-18 16:49:23 ----D---- C:\Program Files\Java
2015-07-15 10:47:30 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 10:47:30 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 10:47:28 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wups.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 10:47:28 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 10:47:20 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 10:47:18 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 10:47:18 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 10:47:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 10:47:17 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 10:47:17 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 10:47:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 10:47:10 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 10:47:09 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 10:47:08 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 10:47:07 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 10:47:06 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 10:47:06 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 10:46:07 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 10:46:07 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 10:46:07 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 10:46:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 10:46:06 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 10:46:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 10:46:04 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 10:46:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 10:46:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 10:46:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 10:46:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 10:46:01 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 10:46:01 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 10:46:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 10:46:00 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 10:46:00 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 10:45:59 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 10:45:59 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 10:45:58 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 10:45:58 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 10:44:01 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 10:44:01 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 10:44:01 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 10:44:00 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 10:44:00 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 10:44:00 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 10:44:00 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 10:44:00 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 10:43:52 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 10:43:52 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 10:43:48 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 10:43:48 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 10:43:44 ----A---- C:\Windows\system32\msi.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 10:43:43 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 10:43:43 ----A---- C:\Windows\system32\consent.exe
2015-07-15 10:43:43 ----A---- C:\Windows\system32\authui.dll
2015-07-15 10:43:43 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\rdpudd.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 10:43:38 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-07-10 11:02:24 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2015-07-10 11:01:59 ----D---- C:\Windows\PCHEALTH
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-10 10:59:41 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2015-07-10 10:59:07 ----D---- C:\Program Files\Microsoft Office
2015-07-10 10:58:34 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2015-07-10 10:57:39 ----D---- C:\Program Files (x86)\Microsoft Office
2015-07-10 10:57:38 ----D---- C:\ProgramData\Microsoft Help
2015-07-10 10:57:20 ----RHD---- C:\MSOCache
======List of files/folders modified in the last 1 month======
2015-08-06 08:44:54 ----D---- C:\Windows\Temp
2015-08-06 08:44:52 ----RD---- C:\Program Files
2015-08-05 19:50:14 ----D---- C:\Windows\system32\config
2015-08-05 19:46:47 ----D---- C:\ProgramData\NVIDIA
2015-08-05 08:15:30 ----D---- C:\Windows\Prefetch
2015-08-04 18:23:52 ----D---- C:\Windows\system32\drivers
2015-08-04 10:48:46 ----SHD---- C:\System Volume Information
2015-08-03 18:02:01 ----HD---- C:\ProgramData
2015-08-01 00:05:11 ----D---- C:\Windows
2015-08-01 00:04:29 ----D---- C:\Windows\Minidump
2015-07-30 23:12:38 ----D---- C:\Users\Barborka\AppData\Roaming\uTorrent
2015-07-28 14:16:24 ----SD---- C:\Windows\system32\CompatTel
2015-07-28 14:16:20 ----D---- C:\Windows\System32
2015-07-28 12:15:58 ----D---- C:\Windows\SoftwareDistribution
2015-07-28 12:02:03 ----D---- C:\Windows\system32\catroot2
2015-07-28 12:01:59 ----D---- C:\Windows\winsxs
2015-07-27 22:33:37 ----SHD---- C:\Windows\Installer
2015-07-27 22:28:57 ----D---- C:\Windows\SysWOW64
2015-07-26 22:34:59 ----RD---- C:\Program Files (x86)
2015-07-26 22:34:59 ----D---- C:\Program Files (x86)\Common Files
2015-07-25 13:18:07 ----SD---- C:\Windows\system32\GWX
2015-07-25 01:44:14 ----RSD---- C:\Windows\assembly
2015-07-24 04:35:52 ----RSD---- C:\Windows\Fonts
2015-07-20 18:11:20 ----SHD---- C:\$Recycle.Bin
2015-07-20 16:55:18 ----D---- C:\Windows\system32\Tasks
2015-07-18 16:42:33 ----D---- C:\Users\Barborka\AppData\Roaming\Skype
2015-07-17 14:21:17 ----D---- C:\Windows\inf
2015-07-17 14:21:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-16 22:15:38 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 14:13:51 ----D---- C:\Windows\rescache
2015-07-15 23:51:59 ----D---- C:\Windows\Tasks
2015-07-15 18:04:51 ----SD---- C:\Users\Barborka\AppData\Roaming\Microsoft
2015-07-15 17:18:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-15 17:18:33 ----D---- C:\Windows\system32\cs-CZ
2015-07-15 17:18:33 ----D---- C:\Windows\PolicyDefinitions
2015-07-15 17:18:32 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-15 17:18:32 ----D---- C:\Windows\system32\en-US
2015-07-15 17:18:32 ----D---- C:\Program Files\Internet Explorer
2015-07-15 17:18:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-15 17:18:27 ----D---- C:\Windows\system32\wbem
2015-07-15 17:18:27 ----D---- C:\Windows\system32\appraiser
2015-07-15 17:18:27 ----D---- C:\Windows\AppPatch
2015-07-15 12:01:16 ----D---- C:\Windows\system32\MRT
2015-07-15 00:49:08 ----D---- C:\Users\Barborka\AppData\Roaming\TS3Client
2015-07-10 14:19:27 ----D---- C:\Windows\Microsoft.NET
2015-07-10 11:03:18 ----D---- C:\Windows\ShellNew
2015-07-10 11:03:05 ----D---- C:\Program Files (x86)\MSBuild
2015-07-10 11:01:59 ----SD---- C:\ProgramData\Microsoft
2015-07-10 11:01:59 ----D---- C:\Program Files (x86)\Microsoft.NET
2015-07-10 11:00:10 ----D---- C:\Program Files\Common Files\Microsoft Shared
2015-07-10 10:59:02 ----A---- C:\Windows\win.ini
2015-07-08 07:41:55 ----D---- C:\Windows\system32\wdi
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-07-20 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-07-20 274808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-02-28 564824]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-07-20 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-07-20 1048856]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-07-20 447944]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-02-28 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-07-20 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-07-20 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-07-20 150160]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2009-11-17 11576]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 acvxnv8y;acvxnv8y; C:\Windows\system32\drivers\acvxnv8y.sys []
S3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-20 146600]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-03-04 1255736]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, CPU and RAM under heavy load
Hello!
How does your operating system stand in terms of legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning malware from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Slow computer, CPU and RAM under heavy load
Hello, and thanks for the reply. I'm only answering now because I wasn't home. I don't know where I stand on legality; no warning has ever appeared. Windows, the drivers and so on were installed for me by a friend who "does computers". Just to be clear, do you mean legal / illegal Windows? And how does legal or illegal Windows affect how the computer runs in this case? And can my computer be helped somehow, please?
- Rudy
- Site Admin
Re: Slow computer, CPU and RAM under heavy load
Have you read the forum rules: http://forum.viry.cz/viewtopic.php?f=12&t=115512 ? That is the reason I'm asking.
Re: Slow computer, CPU and RAM under heavy load
To be honest, I didn't read them; still, I didn't expect my system to be illegal, especially since I paid for the installation. In that case, is my only option to buy a legal system myself, or to turn elsewhere?
- Rudy
- Site Admin
Re: Slow computer, CPU and RAM under heavy load
Well, let's take a look. We'll try this procedure:
Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "For all users", "LOP malware check" and "PURITY malware check", copy the script below into the lower white box, and click >Scan<. Post both logs.
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Re: Slow computer, CPU and RAM under heavy load
Thanks a lot. I'm scanning right now, I'll post the logs in a moment.
Re: Slow computer, CPU and RAM under heavy load
OTL logfile created on: 7.8.2015 19:57:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015.08.07 19:55:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barborka\Downloads\OTL.exe
PRC - [2015.07.31 08:19:29 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.07.20 16:27:08 | 006,109,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015.07.20 16:26:51 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.02.20 01:42:56 | 001,793,736 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.10.23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
========== Modules (No Company Name) ==========
MOD - [2015.07.31 08:19:27 | 001,405,768 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
MOD - [2015.07.31 08:19:27 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
MOD - [2015.07.20 16:27:16 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.07.20 16:27:02 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.07.20 16:26:54 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.02.28 16:23:15 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
MOD - [2010.03.24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - [2015.07.20 16:26:51 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015.06.20 21:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.06.03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015.07.20 16:27:26 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015.07.20 16:27:26 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.07.20 16:27:26 | 000,150,160 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.07.20 16:27:25 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.07.20 16:27:25 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.07.20 16:27:25 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.07.20 16:27:24 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.07.20 16:26:17 | 001,048,856 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.02.28 16:35:20 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2015.02.28 16:27:48 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.11.17 10:16:44 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.07.20 16:27:29 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.28_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C986F81-B6F4-4CB0-A676-EE218EA2F261}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.12.12 00:00:00 | 000,000,041 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.10.14 12:56:44 | 000,000,049 | -H-- | M] () - H:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5b70b640-bf5b-11e4-a638-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5b70b640-bf5b-11e4-a638-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- [1999.12.12 00:00:00 | 000,824,540 | R--- | M] (CODEX )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015.08.07 19:27:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.08.06 08:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.07.30 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Local\FLT
[2015.07.30 23:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal
[2015.07.28 12:04:47 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.28 12:04:46 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.28 12:04:46 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.28 12:04:46 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.28 12:04:46 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.28 12:04:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.28 12:04:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.28 12:04:43 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.27 00:20:33 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2015.07.26 23:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Vanishing of Ethan Carter
[2015.07.26 22:35:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2015.07.26 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\Bioshock
[2015.07.26 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.07.25 02:06:08 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\NVIDIA
[2015.07.25 02:05:58 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\EA Games
[2015.07.25 01:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2015.07.25 01:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2015.07.25 01:35:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2015.07.25 01:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2015.07.24 04:48:50 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.07.21 07:34:26 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.21 07:34:26 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.21 07:34:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.21 07:34:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.21 07:34:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.21 07:34:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.21 07:34:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.21 07:34:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.20 16:27:32 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015.07.20 16:27:02 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.07.19 23:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2015.07.19 23:38:56 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.07.19 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2015.07.18 22:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.07.18 16:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015.07.18 16:51:29 | 000,110,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015.07.18 16:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015.07.18 16:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015.07.18 16:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015.07.15 18:04:49 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\Outlook Files
[2015.07.15 10:47:30 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015.07.15 10:47:30 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015.07.15 10:47:28 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.15 10:47:28 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.15 10:47:28 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.15 10:47:28 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.15 10:47:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.15 10:47:28 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.15 10:47:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.15 10:47:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.15 10:47:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.15 10:47:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.15 10:47:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.15 10:47:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.15 10:47:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.15 10:47:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.15 10:47:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.15 10:47:18 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.07.15 10:47:17 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.07.15 10:47:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.07.15 10:47:16 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.07.15 10:47:09 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.15 10:47:08 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.15 10:46:07 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.07.15 10:46:07 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.07.15 10:46:07 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.07.15 10:46:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.07.15 10:46:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.07.15 10:46:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.07.15 10:46:06 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.07.15 10:46:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.07.15 10:46:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.07.15 10:46:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.07.15 10:46:04 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.07.15 10:46:04 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.07.15 10:46:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.07.15 10:46:04 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.07.15 10:46:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.07.15 10:46:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.07.15 10:46:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.07.15 10:46:03 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.07.15 10:46:03 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.07.15 10:46:03 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.07.15 10:46:03 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.07.15 10:46:02 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.07.15 10:46:01 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.07.15 10:46:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.07.15 10:46:01 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.07.15 10:46:01 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.07.15 10:46:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.07.15 10:46:00 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.07.15 10:46:00 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.07.15 10:46:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.07.15 10:45:59 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.07.15 10:45:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.07.15 10:45:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.07.15 10:45:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.07.15 10:44:01 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.15 10:44:00 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.15 10:44:00 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.07.15 10:44:00 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.15 10:44:00 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.15 10:44:00 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.15 10:44:00 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.15 10:44:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.15 10:44:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.15 10:44:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.15 10:44:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.15 10:44:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.15 10:44:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.15 10:44:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.15 10:44:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.15 10:43:52 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.07.15 10:43:52 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.07.15 10:43:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015.07.15 10:43:48 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.15 10:43:44 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015.07.15 10:43:43 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015.07.15 10:43:43 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015.07.15 10:43:43 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015.07.15 10:43:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015.07.15 10:43:43 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015.07.15 10:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015.07.15 10:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015.07.15 10:43:38 | 001,112,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015.07.15 10:43:38 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015.07.15 10:43:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2015.07.12 01:25:07 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\SH3
[2015.07.10 11:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2015.07.10 11:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2015.07.10 11:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2015.07.10 11:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2015.07.10 10:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2015.07.10 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015.07.10 10:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015.07.10 10:57:48 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Local\Microsoft Help
[2015.07.10 10:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015.07.10 10:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015.07.10 10:57:20 | 000,000,000 | RH-D | C] -- C:\MSOCache
========== Files - Modified Within 30 Days ==========
[2015.08.07 20:00:06 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.07 20:00:06 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.07 19:59:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.08.07 19:56:08 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.07 19:52:24 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.07 19:51:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.07 19:51:52 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2015.07.31 11:05:07 | 000,001,389 | ---- | M] () -- C:\Users\Barborka\Desktop\XComGame – zástupce (2).lnk
[2015.07.27 00:19:55 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2015.07.26 23:36:08 | 000,001,014 | ---- | M] () -- C:\Users\Barborka\Desktop\The Vanishing of Ethan Carter.lnk
[2015.07.26 18:31:47 | 000,001,305 | ---- | M] () -- C:\Users\Barborka\Desktop\Bioshock – zástupce.lnk
[2015.07.25 20:07:17 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.25 20:04:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.25 20:04:05 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.25 20:03:59 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.25 20:03:58 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.25 20:03:57 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.25 20:03:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.25 19:55:04 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.25 01:51:33 | 000,001,620 | ---- | M] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2015.07.24 04:46:28 | 000,442,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.07.20 16:27:26 | 000,447,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015.07.20 16:27:26 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015.07.20 16:27:26 | 000,150,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015.07.20 16:27:25 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015.07.20 16:27:25 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015.07.20 16:27:25 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015.07.20 16:27:25 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015.07.20 16:27:24 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015.07.20 16:27:02 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.07.20 16:26:17 | 001,048,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015.07.18 22:44:38 | 000,110,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015.07.17 14:21:17 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.07.17 14:21:17 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.07.17 14:21:17 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.07.17 14:21:17 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.07.17 14:21:17 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.07.15 05:19:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.15 05:19:50 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.15 05:19:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.15 05:19:45 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.15 03:59:42 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
========== Files Created - No Company Name ==========
[2015.08.07 19:59:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.07.31 11:05:11 | 000,001,389 | ---- | C] () -- C:\Users\Barborka\Desktop\XComGame – zástupce (2).lnk
[2015.07.26 23:36:08 | 000,001,014 | ---- | C] () -- C:\Users\Barborka\Desktop\The Vanishing of Ethan Carter.lnk
[2015.07.26 18:31:52 | 000,001,305 | ---- | C] () -- C:\Users\Barborka\Desktop\Bioshock – zástupce.lnk
[2015.07.25 01:51:33 | 000,001,620 | ---- | C] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2015.03.14 16:56:11 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2015.03.14 16:56:11 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2015.03.09 12:26:15 | 000,655,872 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2015.03.09 12:26:15 | 000,240,128 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2015.03.09 12:26:15 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2015.03.09 12:26:12 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015.08.06 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.02.28 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVAST Software
[2015.02.28 16:29:56 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVG
[2015.07.26 20:58:57 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.02.28 15:10:04 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools
[2015.02.28 18:02:30 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools Pro
[2015.03.09 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\MPC-HC
[2015.07.24 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.06.20 20:54:12 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2
[2015.03.14 16:54:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Steam
[2015.07.15 00:49:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\TS3Client
[2015.07.30 23:12:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,028,730 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2015.02.28 14:03:28 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.02.28 14:03:30 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2015.03.19 15:57:02 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Adobe
[2015.08.06 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.02.28 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVAST Software
[2015.02.28 16:29:56 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVG
[2015.07.26 20:58:57 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.02.28 15:10:04 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools
[2015.02.28 18:02:30 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools Pro
[2015.02.28 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Identities
[2015.07.06 07:32:33 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Media Center Programs
[2015.07.15 18:04:51 | 000,000,000 | --SD | M] -- C:\Users\Barborka\AppData\Roaming\Microsoft
[2015.07.03 22:00:20 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Microsoft Games
[2015.03.09 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\MPC-HC
[2015.07.25 02:06:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\NVIDIA
[2015.07.24 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.07.18 16:42:33 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Skype
[2015.06.20 20:54:12 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2
[2015.03.14 16:54:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Steam
[2015.07.15 00:49:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\TS3Client
[2015.07.30 23:12:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\uTorrent
[2015.02.28 15:08:54 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2015.06.20 20:28:58 | 001,299,696 | ---- | M] () -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2\Uninstall\unins000.exe
[2014.04.14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Barborka\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Barborka\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2015.08.07 19:52:24 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.08.07 19:56:08 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2012.10.23 10:25:10 | 003,108,480 | ---- | M] (DT Soft Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.06.25 19:43:43 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=A7B6589F92C9CB498CDBA42EBEB23EE4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.07.31 08:19:29 | 000,813,896 | ---- | M] (Google Inc.) MD5=DFAE85572A4565A0B04B34F872EC58DB -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.08.07 19:59:35 | 000,000,512 | ---- | M] () MD5=72F6DCC623B9899CC7D26DF9DBDB9692 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2015.07.25 01:56:51 | 000,000,676 | ---- | M] () -- \Users\Barborka\AppData\Roaming\Microsoft\Windows\Recent\MirrorsEdge-Crack.lnk
[2015.02.28 16:22:36 | 000,014,057 | ---- | M] () -- \Users\Barborka\AppData\Roaming\uTorrent\Daemon Tools Pro. 5.2.0.0348.0 MULTI CRACK + SPTD 1.83.0.0.torrent
[2014.07.15 14:02:02 | 000,043,239 | ---- | M] () -- \Users\Barborka\Downloads\Dubturbo_v7.1.5_Producer_Edition_[Fully_Cracked]_+_Bonus_Plugins_[thethingy]__torrent_download.torrent
[2015.02.18 23:50:37 | 000,000,672 | ---- | M] () -- \Users\Barborka\Downloads\Gatherbuddy WoW Bot Cracked by Skel3tor ---[www.bts.to]--- .torrent
[2015.07.25 01:56:51 | 013,044,034 | ---- | M] () -- \Users\Barborka\Downloads\MirrorsEdge-Crack.rar
[2014.08.31 10:14:27 | 000,004,501 | ---- | M] () -- \Users\Barborka\Downloads\Pirox_PvPTools_3.3.5a_Cracked.7300214.TPB.torrent
[2015.03.14 17:18:37 | 000,000,962 | ---- | M] () -- \Users\Barborka\Downloads\[CzT]Alien_Isolation_Crack_2014_.torrent
[2011.03.22 17:55:41 | 007,018,624 | ---- | M] () -- \Users\Barborka\Downloads\Down South - Lost In Brooklyn (1994)\04 - Jimi Crack Korn.mp3
[2015.01.16 17:31:08 | 007,832,205 | ---- | M] () -- \Users\Barborka\Downloads\HOMAM 1-4\Heroes-of-Might-and-Magic-IV---crack.exe
< *keygen* /s >
[2014.12.24 03:18:16 | 000,037,145 | ---- | M] () -- \Users\Barborka\Downloads\[CzT]Adobe_Photoshop_CS3_Extended_10_CZ_keygen.torrent
< *loader* /s >
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \KMPlayer\ImLoader.dll
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.07.20 16:26:42 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.07.20 16:26:44 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.03.13 23:20:16 | 000,003,208 | ---- | M] () -- \Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\skin\ajax-loader.gif
[2014.08.28 16:33:24 | 000,005,059 | ---- | M] () -- \Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\skin\png\icon-vdownloader.png
[2015.06.05 20:08:42 | 000,072,638 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.06.05 20:08:42 | 000,003,032 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\loader.png
[2015.06.05 20:08:42 | 000,006,012 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.06.05 20:08:42 | 000,021,956 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.06.05 20:08:42 | 000,009,772 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2015.02.28 12:35:01 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.10.17 09:29:00 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.10.17 09:29:00 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015.08.07 19:55:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barborka\Downloads\OTL.exe
PRC - [2015.07.31 08:19:29 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.07.20 16:27:08 | 006,109,776 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015.07.20 16:26:51 | 000,146,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.02.20 01:42:56 | 001,793,736 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.10.23 10:25:06 | 002,744,960 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
========== Modules (No Company Name) ==========
MOD - [2015.07.31 08:19:27 | 001,405,768 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libglesv2.dll
MOD - [2015.07.31 08:19:27 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\libegl.dll
MOD - [2015.07.20 16:27:16 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.07.20 16:27:02 | 000,102,864 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.07.20 16:26:54 | 000,123,976 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.02.28 16:23:15 | 000,002,560 | ---- | M] () -- C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
MOD - [2010.03.24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - [2015.07.20 16:26:51 | 000,146,600 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015.06.20 21:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.06.03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015.07.20 16:27:26 | 000,447,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015.07.20 16:27:26 | 000,274,808 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.07.20 16:27:26 | 000,150,160 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.07.20 16:27:25 | 000,090,968 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.07.20 16:27:25 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.07.20 16:27:25 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.07.20 16:27:24 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.07.20 16:26:17 | 001,048,856 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.02.28 16:35:20 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2015.02.28 16:27:48 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.11.17 10:16:44 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2005.03.29 02:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.07.20 16:27:29 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.28_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1418699984-3109580536-2372209870-1001..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2C986F81-B6F4-4CB0-A676-EE218EA2F261}: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [1999.12.12 00:00:00 | 000,000,041 | R--- | M] () - F:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.10.14 12:56:44 | 000,000,049 | -H-- | M] () - H:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5b70b640-bf5b-11e4-a638-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5b70b640-bf5b-11e4-a638-806e6f6e6963}\Shell\AutoRun\command - "" = F:\setup.exe -- [1999.12.12 00:00:00 | 000,824,540 | R--- | M] (CODEX )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - ac3acm.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: VIDC.LAGS - lagarith.dll ( )
Drivers32:64bit: VIDC.X264 - x264vfw64.dll (x264vfw project)
Drivers32:64bit: VIDC.XVID - xvidvfw.dll ()
Drivers32: msacm.ac3acm - C:\Windows\SysWow64\ac3acm.acm (fccHandler)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.LAGS - C:\Windows\SysWow64\lagarith.dll ( )
Drivers32: VIDC.X264 - C:\Windows\SysWow64\x264vfw.dll (x264vfw project)
Drivers32: VIDC.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015.08.07 19:27:46 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.08.06 08:44:52 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.07.30 23:37:43 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Local\FLT
[2015.07.30 23:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal
[2015.07.28 12:04:47 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.28 12:04:46 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.28 12:04:46 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.28 12:04:46 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.28 12:04:46 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.28 12:04:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.28 12:04:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.28 12:04:43 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.27 00:20:33 | 000,829,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2015.07.26 23:36:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Vanishing of Ethan Carter
[2015.07.26 22:35:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2015.07.26 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\Bioshock
[2015.07.26 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.07.25 02:06:08 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\NVIDIA
[2015.07.25 02:05:58 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\EA Games
[2015.07.25 01:59:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2015.07.25 01:35:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2015.07.25 01:35:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\AGEIA
[2015.07.25 01:35:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2015.07.24 04:48:50 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.07.21 07:34:26 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.21 07:34:26 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.21 07:34:26 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.21 07:34:26 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.21 07:34:26 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.21 07:34:26 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.21 07:34:26 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.21 07:34:26 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.20 16:27:32 | 000,378,880 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015.07.20 16:27:02 | 000,043,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.07.19 23:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
[2015.07.19 23:38:56 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.07.19 23:38:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AIMP3
[2015.07.18 22:45:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.07.18 16:51:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015.07.18 16:51:29 | 000,110,688 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015.07.18 16:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015.07.18 16:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015.07.18 16:49:23 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2015.07.15 18:04:49 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\Outlook Files
[2015.07.15 10:47:30 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015.07.15 10:47:30 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015.07.15 10:47:28 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.15 10:47:28 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.15 10:47:28 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.15 10:47:28 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.15 10:47:28 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.15 10:47:28 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.15 10:47:28 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.15 10:47:28 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.15 10:47:28 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.15 10:47:28 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.15 10:47:28 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.15 10:47:28 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.15 10:47:28 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.15 10:47:28 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.15 10:47:28 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.15 10:47:18 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.07.15 10:47:17 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.07.15 10:47:17 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.07.15 10:47:16 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.07.15 10:47:09 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.15 10:47:08 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.15 10:46:07 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.07.15 10:46:07 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.07.15 10:46:07 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.07.15 10:46:07 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.07.15 10:46:07 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.07.15 10:46:07 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.07.15 10:46:06 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.07.15 10:46:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.07.15 10:46:06 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.07.15 10:46:06 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.07.15 10:46:04 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.07.15 10:46:04 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.07.15 10:46:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.07.15 10:46:04 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.07.15 10:46:04 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.07.15 10:46:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.07.15 10:46:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.07.15 10:46:03 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.07.15 10:46:03 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.07.15 10:46:03 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.07.15 10:46:03 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.07.15 10:46:02 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.07.15 10:46:01 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.07.15 10:46:01 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.07.15 10:46:01 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.07.15 10:46:01 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.07.15 10:46:01 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.07.15 10:46:00 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.07.15 10:46:00 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.07.15 10:46:00 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.07.15 10:45:59 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.07.15 10:45:59 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.07.15 10:45:58 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.07.15 10:45:58 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.07.15 10:44:01 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.15 10:44:00 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.15 10:44:00 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.07.15 10:44:00 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.15 10:44:00 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.15 10:44:00 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.15 10:44:00 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.15 10:44:00 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.15 10:44:00 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.15 10:44:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.15 10:44:00 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.15 10:44:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.15 10:44:00 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.15 10:44:00 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.15 10:44:00 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.15 10:43:52 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.07.15 10:43:52 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.07.15 10:43:52 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015.07.15 10:43:48 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.15 10:43:44 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015.07.15 10:43:43 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015.07.15 10:43:43 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015.07.15 10:43:43 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015.07.15 10:43:43 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015.07.15 10:43:43 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015.07.15 10:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015.07.15 10:43:43 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015.07.15 10:43:38 | 001,112,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015.07.15 10:43:38 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015.07.15 10:43:38 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2015.07.12 01:25:07 | 000,000,000 | ---D | C] -- C:\Users\Barborka\Documents\SH3
[2015.07.10 11:03:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2015.07.10 11:03:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2015.07.10 11:02:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2015.07.10 11:02:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2015.07.10 11:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2015.07.10 10:59:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2015.07.10 10:59:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015.07.10 10:58:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015.07.10 10:57:48 | 000,000,000 | ---D | C] -- C:\Users\Barborka\AppData\Local\Microsoft Help
[2015.07.10 10:57:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015.07.10 10:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015.07.10 10:57:20 | 000,000,000 | RH-D | C] -- C:\MSOCache
========== Files - Modified Within 30 Days ==========
[2015.08.07 20:00:06 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.07 20:00:06 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.07 19:59:35 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.08.07 19:56:08 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.07 19:52:24 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.07 19:51:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.07 19:51:52 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2015.07.31 11:05:07 | 000,001,389 | ---- | M] () -- C:\Users\Barborka\Desktop\XComGame – zástupce (2).lnk
[2015.07.27 00:19:55 | 000,829,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msvcr100.dll
[2015.07.26 23:36:08 | 000,001,014 | ---- | M] () -- C:\Users\Barborka\Desktop\The Vanishing of Ethan Carter.lnk
[2015.07.26 18:31:47 | 000,001,305 | ---- | M] () -- C:\Users\Barborka\Desktop\Bioshock – zástupce.lnk
[2015.07.25 20:07:17 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.25 20:04:16 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.25 20:04:05 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.25 20:03:59 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.25 20:03:58 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.25 20:03:57 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.25 20:03:57 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.25 19:55:04 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.25 01:51:33 | 000,001,620 | ---- | M] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2015.07.24 04:46:28 | 000,442,304 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.07.20 16:27:26 | 000,447,944 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015.07.20 16:27:26 | 000,274,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015.07.20 16:27:26 | 000,150,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015.07.20 16:27:25 | 000,378,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015.07.20 16:27:25 | 000,090,968 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015.07.20 16:27:25 | 000,065,224 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015.07.20 16:27:25 | 000,028,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015.07.20 16:27:24 | 000,093,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015.07.20 16:27:02 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2015.07.20 16:26:17 | 001,048,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015.07.18 22:44:38 | 000,110,688 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2015.07.17 14:21:17 | 001,470,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.07.17 14:21:17 | 000,631,054 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.07.17 14:21:17 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.07.17 14:21:17 | 000,121,708 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.07.17 14:21:17 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.07.15 05:19:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.15 05:19:50 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.15 05:19:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.15 05:19:45 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.15 03:59:42 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
========== Files Created - No Company Name ==========
[2015.08.07 19:59:35 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.07.31 11:05:11 | 000,001,389 | ---- | C] () -- C:\Users\Barborka\Desktop\XComGame – zástupce (2).lnk
[2015.07.26 23:36:08 | 000,001,014 | ---- | C] () -- C:\Users\Barborka\Desktop\The Vanishing of Ethan Carter.lnk
[2015.07.26 18:31:52 | 000,001,305 | ---- | C] () -- C:\Users\Barborka\Desktop\Bioshock – zástupce.lnk
[2015.07.25 01:51:33 | 000,001,620 | ---- | C] () -- C:\Users\Public\Desktop\Mirror's Edge™.lnk
[2015.03.14 16:56:11 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2015.03.14 16:56:11 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2015.03.09 12:26:15 | 000,655,872 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2015.03.09 12:26:15 | 000,240,128 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2015.03.09 12:26:15 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2015.03.09 12:26:12 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015.08.06 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.02.28 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVAST Software
[2015.02.28 16:29:56 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVG
[2015.07.26 20:58:57 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.02.28 15:10:04 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools
[2015.02.28 18:02:30 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools Pro
[2015.03.09 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\MPC-HC
[2015.07.24 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.06.20 20:54:12 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2
[2015.03.14 16:54:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Steam
[2015.07.15 00:49:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\TS3Client
[2015.07.30 23:12:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,028,730 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2015.02.28 14:03:28 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.02.28 14:03:30 | 000,000,952 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< >
< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[5 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2015.03.19 15:57:02 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Adobe
[2015.08.06 18:57:23 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AIMP3
[2015.02.28 14:04:42 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVAST Software
[2015.02.28 16:29:56 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\AVG
[2015.07.26 20:58:57 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Bioshock
[2015.02.28 15:10:04 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools
[2015.02.28 18:02:30 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\DAEMON Tools Pro
[2015.02.28 13:52:07 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Identities
[2015.07.06 07:32:33 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Media Center Programs
[2015.07.15 18:04:51 | 000,000,000 | --SD | M] -- C:\Users\Barborka\AppData\Roaming\Microsoft
[2015.07.03 22:00:20 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Microsoft Games
[2015.03.09 12:28:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\MPC-HC
[2015.07.25 02:06:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\NVIDIA
[2015.07.24 04:48:50 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Serif
[2015.07.18 16:42:33 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Skype
[2015.06.20 20:54:12 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2
[2015.03.14 16:54:01 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\Steam
[2015.07.15 00:49:08 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\TS3Client
[2015.07.30 23:12:38 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\uTorrent
[2015.02.28 15:08:54 | 000,000,000 | ---D | M] -- C:\Users\Barborka\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2015.06.20 20:28:58 | 001,299,696 | ---- | M] () -- C:\Users\Barborka\AppData\Roaming\Sniper Ghost Warrior 2\Uninstall\unins000.exe
[2014.04.14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\Barborka\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Barborka\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job >
[2015.08.07 19:52:24 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015.08.07 19:56:08 | 000,000,952 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Pro Agent" = "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun -- [2012.10.23 10:25:10 | 003,108,480 | ---- | M] (DT Soft Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.06.25 19:43:43 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=A7B6589F92C9CB498CDBA42EBEB23EE4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.07.31 08:19:29 | 000,813,896 | ---- | M] (Google Inc.) MD5=DFAE85572A4565A0B04B34F872EC58DB -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.08.07 19:59:35 | 000,000,512 | ---- | M] () MD5=72F6DCC623B9899CC7D26DF9DBDB9692 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2015.07.25 01:56:51 | 000,000,676 | ---- | M] () -- \Users\Barborka\AppData\Roaming\Microsoft\Windows\Recent\MirrorsEdge-Crack.lnk
[2015.02.28 16:22:36 | 000,014,057 | ---- | M] () -- \Users\Barborka\AppData\Roaming\uTorrent\Daemon Tools Pro. 5.2.0.0348.0 MULTI CRACK + SPTD 1.83.0.0.torrent
[2014.07.15 14:02:02 | 000,043,239 | ---- | M] () -- \Users\Barborka\Downloads\Dubturbo_v7.1.5_Producer_Edition_[Fully_Cracked]_+_Bonus_Plugins_[thethingy]__torrent_download.torrent
[2015.02.18 23:50:37 | 000,000,672 | ---- | M] () -- \Users\Barborka\Downloads\Gatherbuddy WoW Bot Cracked by Skel3tor ---[www.bts.to]--- .torrent
[2015.07.25 01:56:51 | 013,044,034 | ---- | M] () -- \Users\Barborka\Downloads\MirrorsEdge-Crack.rar
[2014.08.31 10:14:27 | 000,004,501 | ---- | M] () -- \Users\Barborka\Downloads\Pirox_PvPTools_3.3.5a_Cracked.7300214.TPB.torrent
[2015.03.14 17:18:37 | 000,000,962 | ---- | M] () -- \Users\Barborka\Downloads\[CzT]Alien_Isolation_Crack_2014_.torrent
[2011.03.22 17:55:41 | 007,018,624 | ---- | M] () -- \Users\Barborka\Downloads\Down South - Lost In Brooklyn (1994)\04 - Jimi Crack Korn.mp3
[2015.01.16 17:31:08 | 007,832,205 | ---- | M] () -- \Users\Barborka\Downloads\HOMAM 1-4\Heroes-of-Might-and-Magic-IV---crack.exe
< *keygen* /s >
[2014.12.24 03:18:16 | 000,037,145 | ---- | M] () -- \Users\Barborka\Downloads\[CzT]Adobe_Photoshop_CS3_Extended_10_CZ_keygen.torrent
< *loader* /s >
[2008.02.25 08:05:22 | 000,856,064 | ---- | M] () -- \KMPlayer\ImLoader.dll
[2010.03.24 20:12:34 | 000,249,680 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:12:34 | 000,018,264 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2015.07.20 16:26:42 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.07.20 16:26:44 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2010.03.24 20:35:48 | 000,370,512 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2010.03.24 20:35:48 | 000,018,264 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2014.03.13 23:20:16 | 000,003,208 | ---- | M] () -- \Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\skin\ajax-loader.gif
[2014.08.28 16:33:24 | 000,005,059 | ---- | M] () -- \Users\Barborka\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd\2.7.6_0\skin\png\icon-vdownloader.png
[2015.06.05 20:08:42 | 000,072,638 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\loader.gif
[2015.06.05 20:08:42 | 000,003,032 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\loader.png
[2015.06.05 20:08:42 | 000,006,012 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2015.06.05 20:08:42 | 000,021,956 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2015.06.05 20:08:42 | 000,009,772 | ---- | M] () -- \Users\Barborka\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2015.02.28 12:35:01 | 002,202,645 | ---- | M] () -- \Windows\Setup\SCRIPTS\Windows7Loader.exe
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2008.10.17 09:29:00 | 000,070,936 | ---- | M] () -- \Windows\System32\PhysXLoader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2008.10.17 09:29:00 | 000,070,936 | ---- | M] () -- \Windows\SysWOW64\PhysXLoader.dll
< End of report >
Re: Slow computer, maxed-out CPU, RAM
OTL Extras logfile created on: 7.8.2015 19:57:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1418699984-3109580536-2372209870-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042823B3-E7FA-4DB8-8AEF-A20EBB4BC5DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BE1C05C-0364-4C5F-8C14-971033C9D96E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0C97D1F1-D46E-4D79-97D6-4E0481B7D065}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A9F20EF-B518-4A33-92C5-FD50B7E45555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{204BADFD-3ABA-4724-A7DE-37DC1BAD1A5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2988B22B-31D0-484F-B1DB-53359017499B}" = lport=137 | protocol=17 | dir=in | app=system |
"{31669277-9643-4E2F-9C06-86F3FD30F0F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{41ADF56F-4A76-494D-8FA2-BA63A1104A11}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45DB9FDA-A737-4001-97CF-82BCB4D63156}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{611A167D-64A6-49F9-B45B-AE6AD7A53A17}" = rport=138 | protocol=17 | dir=out | app=system |
"{68FA9D03-C2E6-4FBF-AC64-F7C4D6A7965D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7698E9C1-1C10-450A-8FBF-BA5C896A276F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CF0153E-48D3-460E-B265-B2FCFAD34745}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D031E29-76DE-4F57-96B4-59C6DAF1A530}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F206B59-F7C1-4752-B2F9-9E819F0A2DD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{86782DFE-D033-4BAA-8566-DF6ADE67962B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7096F2A-4C45-4AB2-892D-F4268FAFF96E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A985E36D-CC9E-4DB2-8291-0E9B4ED34351}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6645551-15DA-4D5B-BC8A-F377EC7BDDB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BACD47FD-28E1-4CFF-ABAE-05C65A5E88B7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D998CF3B-7AEF-44D0-806C-085F1ADCD226}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4DC882F-4A2E-46B6-ACF5-0918CD30E7D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6943FE2-B448-4C62-B93A-762F25BCC6C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8364C29-5597-4237-BA03-F202EB7198A6}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAA8B8F6-E650-43CC-B274-6CDD9541A8B9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02174352-67D8-415A-B78A-24805CB9AB29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B22A457-40CE-4D70-B6BD-15DE297C07FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{11A3A9F1-F24F-4F40-B993-F8797310677F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1A0F46BD-58BD-47BE-B8A6-29082B1F00DC}" = protocol=6 | dir=out | app=system |
"{3088074B-13A7-453C-85EB-62B2E2DE5FB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3844ECFE-E637-4BF9-BD86-0871A486D563}" = protocol=17 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{469278A1-4488-4A1D-BB49-88FF5228C6B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{48D71E73-EA5E-43AA-A641-133546745268}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{493D0353-BC8A-438F-9658-A217F911B911}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{495CF1BD-5A45-42D9-B90A-B356D9CB2B63}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57CB6CA0-D2A1-44CF-A746-4ABCA6D37E54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D28F451-7367-4D00-9625-904D210C6384}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA10AEA-B764-4733-B955-BD4F4B3692E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{6BAF50A1-D9F8-4807-9010-B3D51FD26E46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76530266-9AD9-4A0D-883D-83AD14B43F06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76F1101E-517C-4842-96DC-980FDF82D4F6}" = protocol=6 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{843D2D56-821C-48CE-931C-9D2C15396D38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87FCC451-CEBE-4CFF-A5CB-325E0384AFF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B49D915-3850-4C9D-BDA2-0D4D0BD24206}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A00FEF0A-6DBD-4BA5-A8E3-AB788C25BBDF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A1D0B1CC-F041-4172-B8AA-FA8C704B32E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A4B521DC-968C-4DB1-ADD9-83E3690E5750}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B530AF05-6A91-4B0E-8B87-946D48A22587}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B70AE312-C9F7-4887-8021-7B6B659A7327}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C1B729A4-5B57-4F99-B651-1CC85985D328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C977B79D-6D0C-422B-BC02-B9009AD10735}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCB11FEB-BA8C-4B0A-9F3A-DD765C7B7201}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4F2B086-CEFB-4063-BC7A-160B69276092}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8724FD2-535C-45AC-B520-B2A4581C6A17}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6A50611-6BA8-4BCD-AF60-B84400DF0C07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"TCP Query User{245D15B9-49E7-4E8B-872B-D57C67B3297F}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{3C65FAB5-DAF0-4539-9E3A-3FF89F7D4AAD}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=6 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
"TCP Query User{B7141B36-874E-4AAE-B352-F946DC3FE983}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"TCP Query User{C2FE6BA3-B807-4637-9A4F-0EF771B96D05}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{1FEBAE3F-FF19-426D-93C2-E53531EF3011}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{6FD9F270-ADBB-437B-9C06-EAC0B10AC87C}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"UDP Query User{F44ECD55-98DE-4DB3-A655-4364F12D17BC}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{F559B392-44B9-4357-ACDB-651D72D1B1A0}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=17 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86418051F0}" = Java 8 Update 51 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"DAEMON Tools Pro" = DAEMON Tools Pro
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"The KMPlayer" = KMPlayer (remove only)
"The Vanishing of Ethan Carter_is1" = The Vanishing of Ethan Carter
"WinRAR archiver" = WinRAR 5.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x8f4 Čas spuštění chybující aplikace: 0x01d0c7f25c505d00 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 9af4b560-33e5-11e5-bb58-002215d35de1
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x2a8 Čas spuštění chybující aplikace: 0x01d0c7f2635164a0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: a21c30c0-33e5-11e5-bb58-002215d35de1
Error - 27.7.2015 16:26:59 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:27:02 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x113c Čas spuštění chybující aplikace: 0x01d0c8aa7a174fc0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: d6408aa0-349d-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:29:11 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:29:12 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1214 Čas spuštění chybující aplikace: 0x01d0c8aae292a040 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 23edbc00-349e-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0xc88 Čas spuštění chybující aplikace: 0x01d0c8ab454384c0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 85a80b80-349e-11e5-9d4e-002215d35de1
[ System Events ]
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat
službu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 7.8.2015 13:41:41 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1418699984-3109580536-2372209870-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042823B3-E7FA-4DB8-8AEF-A20EBB4BC5DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BE1C05C-0364-4C5F-8C14-971033C9D96E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0C97D1F1-D46E-4D79-97D6-4E0481B7D065}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A9F20EF-B518-4A33-92C5-FD50B7E45555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{204BADFD-3ABA-4724-A7DE-37DC1BAD1A5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2988B22B-31D0-484F-B1DB-53359017499B}" = lport=137 | protocol=17 | dir=in | app=system |
"{31669277-9643-4E2F-9C06-86F3FD30F0F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{41ADF56F-4A76-494D-8FA2-BA63A1104A11}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45DB9FDA-A737-4001-97CF-82BCB4D63156}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{611A167D-64A6-49F9-B45B-AE6AD7A53A17}" = rport=138 | protocol=17 | dir=out | app=system |
"{68FA9D03-C2E6-4FBF-AC64-F7C4D6A7965D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7698E9C1-1C10-450A-8FBF-BA5C896A276F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CF0153E-48D3-460E-B265-B2FCFAD34745}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D031E29-76DE-4F57-96B4-59C6DAF1A530}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F206B59-F7C1-4752-B2F9-9E819F0A2DD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{86782DFE-D033-4BAA-8566-DF6ADE67962B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7096F2A-4C45-4AB2-892D-F4268FAFF96E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A985E36D-CC9E-4DB2-8291-0E9B4ED34351}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6645551-15DA-4D5B-BC8A-F377EC7BDDB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BACD47FD-28E1-4CFF-ABAE-05C65A5E88B7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D998CF3B-7AEF-44D0-806C-085F1ADCD226}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4DC882F-4A2E-46B6-ACF5-0918CD30E7D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6943FE2-B448-4C62-B93A-762F25BCC6C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8364C29-5597-4237-BA03-F202EB7198A6}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAA8B8F6-E650-43CC-B274-6CDD9541A8B9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02174352-67D8-415A-B78A-24805CB9AB29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B22A457-40CE-4D70-B6BD-15DE297C07FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{11A3A9F1-F24F-4F40-B993-F8797310677F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1A0F46BD-58BD-47BE-B8A6-29082B1F00DC}" = protocol=6 | dir=out | app=system |
"{3088074B-13A7-453C-85EB-62B2E2DE5FB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3844ECFE-E637-4BF9-BD86-0871A486D563}" = protocol=17 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{469278A1-4488-4A1D-BB49-88FF5228C6B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{48D71E73-EA5E-43AA-A641-133546745268}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{493D0353-BC8A-438F-9658-A217F911B911}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{495CF1BD-5A45-42D9-B90A-B356D9CB2B63}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57CB6CA0-D2A1-44CF-A746-4ABCA6D37E54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D28F451-7367-4D00-9625-904D210C6384}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA10AEA-B764-4733-B955-BD4F4B3692E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{6BAF50A1-D9F8-4807-9010-B3D51FD26E46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76530266-9AD9-4A0D-883D-83AD14B43F06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76F1101E-517C-4842-96DC-980FDF82D4F6}" = protocol=6 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{843D2D56-821C-48CE-931C-9D2C15396D38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87FCC451-CEBE-4CFF-A5CB-325E0384AFF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B49D915-3850-4C9D-BDA2-0D4D0BD24206}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A00FEF0A-6DBD-4BA5-A8E3-AB788C25BBDF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A1D0B1CC-F041-4172-B8AA-FA8C704B32E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A4B521DC-968C-4DB1-ADD9-83E3690E5750}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B530AF05-6A91-4B0E-8B87-946D48A22587}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B70AE312-C9F7-4887-8021-7B6B659A7327}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C1B729A4-5B57-4F99-B651-1CC85985D328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C977B79D-6D0C-422B-BC02-B9009AD10735}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCB11FEB-BA8C-4B0A-9F3A-DD765C7B7201}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4F2B086-CEFB-4063-BC7A-160B69276092}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8724FD2-535C-45AC-B520-B2A4581C6A17}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6A50611-6BA8-4BCD-AF60-B84400DF0C07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"TCP Query User{245D15B9-49E7-4E8B-872B-D57C67B3297F}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{3C65FAB5-DAF0-4539-9E3A-3FF89F7D4AAD}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=6 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
"TCP Query User{B7141B36-874E-4AAE-B352-F946DC3FE983}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"TCP Query User{C2FE6BA3-B807-4637-9A4F-0EF771B96D05}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{1FEBAE3F-FF19-426D-93C2-E53531EF3011}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{6FD9F270-ADBB-437B-9C06-EAC0B10AC87C}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"UDP Query User{F44ECD55-98DE-4DB3-A655-4364F12D17BC}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{F559B392-44B9-4357-ACDB-651D72D1B1A0}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=17 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86418051F0}" = Java 8 Update 51 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"DAEMON Tools Pro" = DAEMON Tools Pro
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"The KMPlayer" = KMPlayer (remove only)
"The Vanishing of Ethan Carter_is1" = The Vanishing of Ethan Carter
"WinRAR archiver" = WinRAR 5.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x8f4 Čas spuštění chybující aplikace: 0x01d0c7f25c505d00 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 9af4b560-33e5-11e5-bb58-002215d35de1
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x2a8 Čas spuštění chybující aplikace: 0x01d0c7f2635164a0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: a21c30c0-33e5-11e5-bb58-002215d35de1
Error - 27.7.2015 16:26:59 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:27:02 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x113c Čas spuštění chybující aplikace: 0x01d0c8aa7a174fc0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: d6408aa0-349d-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:29:11 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:29:12 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1214 Čas spuštění chybující aplikace: 0x01d0c8aae292a040 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 23edbc00-349e-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0xc88 Čas spuštění chybující aplikace: 0x01d0c8ab454384c0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 85a80b80-349e-11e5-9d4e-002215d35de1
[ System Events ]
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat
službu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 7.8.2015 13:41:41 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
< End of report >
Re: Slow computer, overloaded CPU, RAM
OTL Extras logfile created on: 7.8.2015 19:57:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1418699984-3109580536-2372209870-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042823B3-E7FA-4DB8-8AEF-A20EBB4BC5DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BE1C05C-0364-4C5F-8C14-971033C9D96E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0C97D1F1-D46E-4D79-97D6-4E0481B7D065}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A9F20EF-B518-4A33-92C5-FD50B7E45555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{204BADFD-3ABA-4724-A7DE-37DC1BAD1A5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2988B22B-31D0-484F-B1DB-53359017499B}" = lport=137 | protocol=17 | dir=in | app=system |
"{31669277-9643-4E2F-9C06-86F3FD30F0F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{41ADF56F-4A76-494D-8FA2-BA63A1104A11}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45DB9FDA-A737-4001-97CF-82BCB4D63156}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{611A167D-64A6-49F9-B45B-AE6AD7A53A17}" = rport=138 | protocol=17 | dir=out | app=system |
"{68FA9D03-C2E6-4FBF-AC64-F7C4D6A7965D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7698E9C1-1C10-450A-8FBF-BA5C896A276F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CF0153E-48D3-460E-B265-B2FCFAD34745}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D031E29-76DE-4F57-96B4-59C6DAF1A530}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F206B59-F7C1-4752-B2F9-9E819F0A2DD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{86782DFE-D033-4BAA-8566-DF6ADE67962B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7096F2A-4C45-4AB2-892D-F4268FAFF96E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A985E36D-CC9E-4DB2-8291-0E9B4ED34351}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6645551-15DA-4D5B-BC8A-F377EC7BDDB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BACD47FD-28E1-4CFF-ABAE-05C65A5E88B7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D998CF3B-7AEF-44D0-806C-085F1ADCD226}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4DC882F-4A2E-46B6-ACF5-0918CD30E7D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6943FE2-B448-4C62-B93A-762F25BCC6C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8364C29-5597-4237-BA03-F202EB7198A6}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAA8B8F6-E650-43CC-B274-6CDD9541A8B9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02174352-67D8-415A-B78A-24805CB9AB29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B22A457-40CE-4D70-B6BD-15DE297C07FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{11A3A9F1-F24F-4F40-B993-F8797310677F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1A0F46BD-58BD-47BE-B8A6-29082B1F00DC}" = protocol=6 | dir=out | app=system |
"{3088074B-13A7-453C-85EB-62B2E2DE5FB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3844ECFE-E637-4BF9-BD86-0871A486D563}" = protocol=17 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{469278A1-4488-4A1D-BB49-88FF5228C6B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{48D71E73-EA5E-43AA-A641-133546745268}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{493D0353-BC8A-438F-9658-A217F911B911}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{495CF1BD-5A45-42D9-B90A-B356D9CB2B63}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57CB6CA0-D2A1-44CF-A746-4ABCA6D37E54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D28F451-7367-4D00-9625-904D210C6384}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA10AEA-B764-4733-B955-BD4F4B3692E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{6BAF50A1-D9F8-4807-9010-B3D51FD26E46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76530266-9AD9-4A0D-883D-83AD14B43F06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76F1101E-517C-4842-96DC-980FDF82D4F6}" = protocol=6 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{843D2D56-821C-48CE-931C-9D2C15396D38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87FCC451-CEBE-4CFF-A5CB-325E0384AFF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B49D915-3850-4C9D-BDA2-0D4D0BD24206}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A00FEF0A-6DBD-4BA5-A8E3-AB788C25BBDF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A1D0B1CC-F041-4172-B8AA-FA8C704B32E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A4B521DC-968C-4DB1-ADD9-83E3690E5750}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B530AF05-6A91-4B0E-8B87-946D48A22587}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B70AE312-C9F7-4887-8021-7B6B659A7327}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C1B729A4-5B57-4F99-B651-1CC85985D328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C977B79D-6D0C-422B-BC02-B9009AD10735}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCB11FEB-BA8C-4B0A-9F3A-DD765C7B7201}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4F2B086-CEFB-4063-BC7A-160B69276092}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8724FD2-535C-45AC-B520-B2A4581C6A17}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6A50611-6BA8-4BCD-AF60-B84400DF0C07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"TCP Query User{245D15B9-49E7-4E8B-872B-D57C67B3297F}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{3C65FAB5-DAF0-4539-9E3A-3FF89F7D4AAD}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=6 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
"TCP Query User{B7141B36-874E-4AAE-B352-F946DC3FE983}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"TCP Query User{C2FE6BA3-B807-4637-9A4F-0EF771B96D05}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{1FEBAE3F-FF19-426D-93C2-E53531EF3011}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{6FD9F270-ADBB-437B-9C06-EAC0B10AC87C}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"UDP Query User{F44ECD55-98DE-4DB3-A655-4364F12D17BC}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{F559B392-44B9-4357-ACDB-651D72D1B1A0}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=17 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86418051F0}" = Java 8 Update 51 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"DAEMON Tools Pro" = DAEMON Tools Pro
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"The KMPlayer" = KMPlayer (remove only)
"The Vanishing of Ethan Carter_is1" = The Vanishing of Ethan Carter
"WinRAR archiver" = WinRAR 5.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x8f4 Čas spuštění chybující aplikace: 0x01d0c7f25c505d00 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 9af4b560-33e5-11e5-bb58-002215d35de1
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x2a8 Čas spuštění chybující aplikace: 0x01d0c7f2635164a0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: a21c30c0-33e5-11e5-bb58-002215d35de1
Error - 27.7.2015 16:26:59 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:27:02 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x113c Čas spuštění chybující aplikace: 0x01d0c8aa7a174fc0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: d6408aa0-349d-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:29:11 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:29:12 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1214 Čas spuštění chybující aplikace: 0x01d0c8aae292a040 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 23edbc00-349e-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0xc88 Čas spuštění chybující aplikace: 0x01d0c8ab454384c0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 85a80b80-349e-11e5-9d4e-002215d35de1
[ System Events ]
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat
službu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 7.8.2015 13:41:41 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barborka\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
2,00 Gb Total Physical Memory | 0,53 Gb Available Physical Memory | 26,57% Memory free
4,00 Gb Paging File | 2,36 Gb Available in Paging File | 58,93% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 159,90 Gb Total Space | 75,96 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 305,76 Gb Total Space | 242,86 Gb Free Space | 79,43% Space Free | Partition Type: NTFS
Drive F: | 11,36 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 465,76 Gb Total Space | 51,80 Gb Free Space | 11,12% Space Free | Partition Type: NTFS
Computer Name: BARBORKAKOMP | User Name: Barborka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1418699984-3109580536-2372209870-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [mplayerc64.enqueue] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" /add "%1" (MPC-HC Team)
Directory [mplayerc64.play] -- "C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe" "%1" (MPC-HC Team)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042823B3-E7FA-4DB8-8AEF-A20EBB4BC5DE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0BE1C05C-0364-4C5F-8C14-971033C9D96E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0C97D1F1-D46E-4D79-97D6-4E0481B7D065}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1A9F20EF-B518-4A33-92C5-FD50B7E45555}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{204BADFD-3ABA-4724-A7DE-37DC1BAD1A5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2988B22B-31D0-484F-B1DB-53359017499B}" = lport=137 | protocol=17 | dir=in | app=system |
"{31669277-9643-4E2F-9C06-86F3FD30F0F3}" = rport=139 | protocol=6 | dir=out | app=system |
"{41ADF56F-4A76-494D-8FA2-BA63A1104A11}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{45DB9FDA-A737-4001-97CF-82BCB4D63156}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{611A167D-64A6-49F9-B45B-AE6AD7A53A17}" = rport=138 | protocol=17 | dir=out | app=system |
"{68FA9D03-C2E6-4FBF-AC64-F7C4D6A7965D}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{7698E9C1-1C10-450A-8FBF-BA5C896A276F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7CF0153E-48D3-460E-B265-B2FCFAD34745}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7D031E29-76DE-4F57-96B4-59C6DAF1A530}" = rport=137 | protocol=17 | dir=out | app=system |
"{7F206B59-F7C1-4752-B2F9-9E819F0A2DD8}" = rport=445 | protocol=6 | dir=out | app=system |
"{86782DFE-D033-4BAA-8566-DF6ADE67962B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A7096F2A-4C45-4AB2-892D-F4268FAFF96E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A985E36D-CC9E-4DB2-8291-0E9B4ED34351}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6645551-15DA-4D5B-BC8A-F377EC7BDDB6}" = lport=139 | protocol=6 | dir=in | app=system |
"{BACD47FD-28E1-4CFF-ABAE-05C65A5E88B7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D998CF3B-7AEF-44D0-806C-085F1ADCD226}" = rport=10243 | protocol=6 | dir=out | app=system |
"{F4DC882F-4A2E-46B6-ACF5-0918CD30E7D2}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F6943FE2-B448-4C62-B93A-762F25BCC6C4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8364C29-5597-4237-BA03-F202EB7198A6}" = lport=445 | protocol=6 | dir=in | app=system |
"{FAA8B8F6-E650-43CC-B274-6CDD9541A8B9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02174352-67D8-415A-B78A-24805CB9AB29}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{0B22A457-40CE-4D70-B6BD-15DE297C07FA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{11A3A9F1-F24F-4F40-B993-F8797310677F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{1A0F46BD-58BD-47BE-B8A6-29082B1F00DC}" = protocol=6 | dir=out | app=system |
"{3088074B-13A7-453C-85EB-62B2E2DE5FB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3844ECFE-E637-4BF9-BD86-0871A486D563}" = protocol=17 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{469278A1-4488-4A1D-BB49-88FF5228C6B5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{48D71E73-EA5E-43AA-A641-133546745268}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{493D0353-BC8A-438F-9658-A217F911B911}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{495CF1BD-5A45-42D9-B90A-B356D9CB2B63}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{57CB6CA0-D2A1-44CF-A746-4ABCA6D37E54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D28F451-7367-4D00-9625-904D210C6384}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5FA10AEA-B764-4733-B955-BD4F4B3692E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{6BAF50A1-D9F8-4807-9010-B3D51FD26E46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76530266-9AD9-4A0D-883D-83AD14B43F06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{76F1101E-517C-4842-96DC-980FDF82D4F6}" = protocol=6 | dir=in | app=d:\mirrors edge\binaries\mirrorsedge.exe |
"{843D2D56-821C-48CE-931C-9D2C15396D38}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{87FCC451-CEBE-4CFF-A5CB-325E0384AFF2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B49D915-3850-4C9D-BDA2-0D4D0BD24206}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A00FEF0A-6DBD-4BA5-A8E3-AB788C25BBDF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A1D0B1CC-F041-4172-B8AA-FA8C704B32E7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A4B521DC-968C-4DB1-ADD9-83E3690E5750}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B530AF05-6A91-4B0E-8B87-946D48A22587}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B70AE312-C9F7-4887-8021-7B6B659A7327}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C1B729A4-5B57-4F99-B651-1CC85985D328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C977B79D-6D0C-422B-BC02-B9009AD10735}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCB11FEB-BA8C-4B0A-9F3A-DD765C7B7201}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E4F2B086-CEFB-4063-BC7A-160B69276092}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E8724FD2-535C-45AC-B520-B2A4581C6A17}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F6A50611-6BA8-4BCD-AF60-B84400DF0C07}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"TCP Query User{245D15B9-49E7-4E8B-872B-D57C67B3297F}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{3C65FAB5-DAF0-4539-9E3A-3FF89F7D4AAD}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=6 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
"TCP Query User{B7141B36-874E-4AAE-B352-F946DC3FE983}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=6 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"TCP Query User{C2FE6BA3-B807-4637-9A4F-0EF771B96D05}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=6 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{1FEBAE3F-FF19-426D-93C2-E53531EF3011}C:\users\barborka\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\barborka\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{6FD9F270-ADBB-437B-9C06-EAC0B10AC87C}D:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe" = protocol=17 | dir=in | app=d:\sniper ghost warrior 2\bin32\sniperghostwarrior2.exe |
"UDP Query User{F44ECD55-98DE-4DB3-A655-4364F12D17BC}D:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe" = protocol=17 | dir=in | app=d:\ufo\xcom - enemy unknown cz\binaries\win32\xcomgame.exe |
"UDP Query User{F559B392-44B9-4357-ACDB-651D72D1B1A0}D:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe" = protocol=17 | dir=in | app=d:\the.vanishing.of.ethan.carter-codex\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86418051F0}" = Java 8 Update 51 (64-bit)
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 341.44
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 10.4.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.6
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7C5B1ECD-FE93-4FB2-A51A-06451BA49969}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.12) - Czech
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"DAEMON Tools Pro" = DAEMON Tools Pro
"Google Chrome" = Google Chrome
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.3.1 (Full)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"The KMPlayer" = KMPlayer (remove only)
"The Vanishing of Ethan Carter_is1" = The Vanishing of Ethan Carter
"WinRAR archiver" = WinRAR 5.20 (32-bit)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:15 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x8f4 Čas spuštění chybující aplikace: 0x01d0c7f25c505d00 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 9af4b560-33e5-11e5-bb58-002215d35de1
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 26.7.2015 18:28:27 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x2a8 Čas spuštění chybující aplikace: 0x01d0c7f2635164a0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: a21c30c0-33e5-11e5-bb58-002215d35de1
Error - 27.7.2015 16:26:59 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:27:02 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x113c Čas spuštění chybující aplikace: 0x01d0c8aa7a174fc0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: d6408aa0-349d-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:29:11 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:29:12 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0x1214 Čas spuštění chybující aplikace: 0x01d0c8aae292a040 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 23edbc00-349e-11e5-9d4e-002215d35de1
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = .NET Runtime | ID = 1026
Description =
Error - 27.7.2015 16:31:56 | Computer Name = Barborkakomp | Source = Application Error | ID = 1000
Description = Název chybující aplikace: Launcher.exe_Setup, verze: 1.0.0.0, časové
razítko: 0x54245453 Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.18869,
časové razítko: 0x556363bc Kód výjimky: 0xe0434352 Posun chyby: 0x0000c42d ID chybujícího
procesu: 0xc88 Čas spuštění chybující aplikace: 0x01d0c8ab454384c0 Cesta k chybující
aplikaci: D:\The.Vanishing.of.Ethan.Carter-CODEX\The Vanishing of Ethan Carter\Binaries\Launcher.exe
Cesta
k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll ID zprávy: 85a80b80-349e-11e5-9d4e-002215d35de1
[ System Events ]
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:31:03 | Computer Name = Barborkakomp | Source = Microsoft-Windows-WHEA-Logger | ID = 18
Description = Došlo k závažné chybě hardwaru. Ohlášeno součástí: Jádro procesoru Zdroj
chyby: 3 Typ chyby: 256 ID procesoru: 1 Další informace jsou obsaženy v podrobném
zobrazení tohoto záznamu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to
1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat
službu.
Error - 7.8.2015 13:35:45 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento
stav nastal již 1krát.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena.
Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund:
Restartovat službu.
Error - 7.8.2015 13:35:46 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7031
Description = Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error - 7.8.2015 13:41:41 | Computer Name = Barborkakomp | Source = Service Control Manager | ID = 7034
Description = Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena.
Tento stav nastal již 1krát.
< End of report >
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, overloaded CPU, RAM
Your operating system really is not legal. If you paid for it, demand a refund. The utility you ran makes it possible to clean the PC, but at the same time it also reveals whether or not the system is legal. In that case I cannot help you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slow computer, overloaded CPU, RAM
Thank you for your reply. I respect that you cannot help me with an illegal system, and thank you for your time as well. Tomorrow I will go and talk to the person who installed an illegal Windows for me for money.
Have a nice evening
- Rudy
- Site Admin

- Posts: 119675
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow computer, overloaded CPU, RAM
Have a nice evening to you too, and you're welcome!
