Modré smrti
Napsal: 09 úno 2015 13:10
Dobrý den,
chtěl bych poprosit o pomoc. Již nějaký týden mívám problém s modrými smrtmi. Smrt se ve valné většině objeví pouze když hraji hru League of Legends.
Již jsem zkoušel re-instalovat, instalovat nejnovější ovladače všechno. Zatím nic nepomohlo
Zhruba na konci listopadu jsem si pořídil nový pevný disk,takže instalace Windows je skoro nová.
Zatím jsem zaznamenal tyto případy
0x0000007f
0x000000D1
0x0000000A
0x0000001E
Většinou s textem Driver_IRQL_NOT_LESS_OR_EQUAL
přikládám log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pang at 2015-02-09 13:04:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 14 GB (14%) free of 100 GB
Total RAM: 4095 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:20, on 9.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
D:\DOWNLOAD\Volume2\Volume2.exe
D:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pang.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Live Update] D:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [Unified Remote V3] C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
O4 - HKCU\..\Run: [Volume2] D:\DOWNLOAD\Volume2\Volume2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7713 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\DOWNLOAD\Volume2\Volume2.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"D:\Program Files (x86)\MSI\Live Update\Live Update.exe" /REMINDER
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3548.0.452910303\1970475283" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x6818 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.1.1800386497\1850220258" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.3.671673318\523298006" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.4.109322488\108586562" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.5.899897203\614083082" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.6.729915253\414550636" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.7.798803612\399541454" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.8.617543050\1245153753" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll" --lang=cs --channel="3548.9.79752348\225263027" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.13.744468073\1205740204" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\DOWNLOAD\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d04228d62b4955.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Pang\AppData\Roaming\Mozilla\Firefox\Profiles\fhc7nvro.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Unified Remote V3"=C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe []
"Volume2"=D:\DOWNLOAD\Volume2\Volume2.exe [2015-01-11 4771328]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe --startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files (x86)\Steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Volume2]
D:\DOWNLOAD\Volume2\Volume2.exe [2015-01-11 4771328]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Live Update"=D:\Program Files (x86)\MSI\Live Update\Live Update.exe [2014-11-27 3484624]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAVolume"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-02-09 13:04:19 ----D---- C:\rsit
2015-02-09 13:04:19 ----D---- C:\Program Files\trend micro
2015-02-09 09:25:53 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-09 09:25:53 ----A---- C:\Windows\system32\mstscax.dll
2015-02-09 09:25:47 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-08 20:21:08 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-08 18:55:02 ----D---- C:\Windows\system32\appmgmt
2015-02-08 18:00:34 ----A---- C:\Windows\system32\wmploc.DLL
2015-02-08 18:00:33 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-02-08 18:00:33 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-02-08 18:00:32 ----A---- C:\Windows\system32\wmp.dll
2015-02-08 17:56:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-08 17:56:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-08 17:56:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-08 17:56:44 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\wksprt.exe
2015-02-08 17:56:43 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\mstsc.exe
2015-02-08 17:56:43 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-08 17:45:14 ----D---- C:\Windows\Migration
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\rrinstaller.exe
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mfps.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mfpmp.exe
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mferror.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mf.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\WUDFSvc.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\WUDFPlatform.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2015-02-08 17:29:04 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFx.dll
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFHost.exe
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2015-02-08 17:25:45 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-02-08 17:25:45 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2015-02-08 17:20:33 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\system32\RMActivate.exe
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-02-08 17:20:32 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-02-08 17:20:32 ----A---- C:\Windows\system32\msdrm.dll
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDRU.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-02-08 17:19:59 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2015-02-08 17:19:59 ----A---- C:\Windows\system32\msieftp.dll
2015-02-08 17:19:50 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-02-08 17:19:50 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-02-08 17:19:50 ----A---- C:\Windows\system32\fsutil.exe
2015-02-08 17:19:50 ----A---- C:\Windows\system32\esent.dll
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-02-08 17:19:49 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-02-08 17:19:42 ----A---- C:\Windows\system32\tquery.dll
2015-02-08 17:19:42 ----A---- C:\Windows\system32\mssrch.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-02-08 17:19:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-02-08 17:19:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-02-08 17:19:41 ----A---- C:\Windows\system32\mssph.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2015-02-08 17:19:40 ----A---- C:\Windows\system32\mssvp.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\mssphtb.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\msscntrs.dll
2015-02-08 17:19:26 ----A---- C:\Windows\system32\Wpc.dll
2015-02-08 17:19:26 ----A---- C:\Windows\system32\gameux.dll
2015-02-08 17:19:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2015-02-08 17:19:25 ----A---- C:\Windows\SYSWOW64\gameux.dll
2015-02-08 17:19:01 ----A---- C:\Windows\system32\wwansvc.dll
2015-02-08 17:19:01 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-02-08 17:18:42 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-02-08 17:18:42 ----A---- C:\Windows\system32\WMPhoto.dll
2015-02-08 17:18:38 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-02-08 17:18:38 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-02-08 17:18:19 ----A---- C:\Windows\system32\ntshrui.dll
2015-02-08 17:18:18 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2015-02-08 17:18:01 ----A---- C:\Windows\SYSWOW64\netevent.dll
2015-02-08 17:18:01 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\netevent.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\netcorehc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-02-08 17:17:28 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-02-08 17:17:23 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2015-02-08 17:17:23 ----A---- C:\Windows\system32\xmllite.dll
2015-02-08 17:17:00 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2015-02-08 17:16:49 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-02-08 17:16:49 ----A---- C:\Windows\system32\d3d10warp.dll
2015-02-08 17:16:45 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-02-08 17:16:45 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-02-08 17:16:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-02-08 17:16:38 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-02-08 17:16:38 ----A---- C:\Windows\system32\qdvd.dll
2015-02-08 17:16:35 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-02-08 17:16:35 ----A---- C:\Windows\system32\charmap.exe
2015-02-08 17:16:33 ----A---- C:\Windows\system32\shell32.dll
2015-02-08 17:16:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-02-08 17:16:02 ----A---- C:\Windows\system32\drivers\ataport.sys
2015-02-08 17:16:00 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\system32\WebClnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\system32\davclnt.dll
2015-02-08 17:15:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-02-08 17:15:44 ----A---- C:\Windows\system32\tzres.dll
2015-02-08 17:15:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-02-08 17:15:29 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-02-08 17:15:18 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2015-02-08 17:15:18 ----A---- C:\Windows\SYSWOW64\credui.dll
2015-02-08 17:15:18 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-02-08 17:15:18 ----A---- C:\Windows\system32\credui.dll
2015-02-08 17:15:08 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2015-02-08 17:15:07 ----A---- C:\Windows\system32\mswsock.dll
2015-02-08 17:15:06 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-02-08 17:15:06 ----A---- C:\Windows\system32\WsmSvc.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WsmAuto.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-02-08 17:14:44 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2015-02-08 17:14:44 ----A---- C:\Windows\system32\iologmsg.dll
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\storport.sys
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-02-08 17:13:05 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-02-08 17:13:05 ----A---- C:\Windows\system32\msi.dll
2015-02-08 17:11:10 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2015-02-08 17:11:10 ----A---- C:\Windows\system32\cryptdlg.dll
2015-02-08 17:03:50 ----D---- C:\Program Files (x86)\Setup Files
2015-02-08 17:01:03 ----A---- C:\Windows\acpimof.dll
2015-02-08 17:00:58 ----D---- C:\MSI
2015-02-08 16:52:30 ----A---- C:\Windows\system32\scavengeui.dll
2015-02-06 12:26:51 ----A---- C:\Windows\WORDPAD.INI
2015-02-03 16:16:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-25 17:58:53 ----A---- C:\Windows\SYSWOW64\Access.dat
2015-01-25 17:51:23 ----D---- C:\Users\Pang\AppData\Roaming\Tunngle
2015-01-25 17:51:23 ----D---- C:\ProgramData\Tunngle
2015-01-25 17:51:21 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2015-01-25 17:51:17 ----D---- C:\Program Files (x86)\Tunngle
2015-01-24 20:11:04 ----D---- C:\Windows\SYSWOW64\directx
2015-01-24 19:56:28 ----D---- C:\Users\Pang\AppData\Roaming\Teeworlds
2015-01-22 19:46:50 ----D---- C:\Program Files\ESET
2015-01-21 11:15:16 ----D---- C:\Users\Pang\AppData\Roaming\PhotoFiltre 7
2015-01-21 11:15:13 ----D---- C:\Program Files (x86)\PhotoFiltre 7
2015-01-14 09:48:08 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:48:07 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:48:05 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:47:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 09:47:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 09:47:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 09:47:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\rstrui.exe
2015-01-13 17:55:48 ----A---- C:\Windows\system32\drivers\uvhid.sys
2015-01-13 17:55:48 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2015-01-13 17:55:45 ----D---- C:\ProgramData\Unified Remote
2015-01-11 21:20:37 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 month======
2015-02-09 13:04:19 ----RD---- C:\Program Files
2015-02-09 13:04:19 ----D---- C:\Windows\Temp
2015-02-09 12:53:06 ----D---- C:\Windows\system32\config
2015-02-09 12:48:51 ----D---- C:\Windows\Microsoft.NET
2015-02-09 11:38:27 ----D---- C:\Windows\SysWOW64
2015-02-09 11:38:27 ----D---- C:\Windows\System32
2015-02-09 11:38:11 ----D---- C:\Windows\winsxs
2015-02-09 11:38:00 ----SHD---- C:\System Volume Information
2015-02-09 11:05:03 ----D---- C:\ProgramData\Origin
2015-02-09 09:25:45 ----D---- C:\Windows\system32\catroot
2015-02-09 09:24:55 ----D---- C:\Windows\system32\catroot2
2015-02-08 20:21:01 ----A---- C:\Windows\system32\PnkBstrA.exe
2015-02-08 19:53:08 ----RD---- C:\Program Files (x86)
2015-02-08 19:52:49 ----D---- C:\Windows\system32\DriverStore
2015-02-08 19:52:49 ----D---- C:\Windows\system32\drivers
2015-02-08 19:52:49 ----D---- C:\Windows\inf
2015-02-08 19:45:12 ----SD---- C:\ProgramData\Microsoft
2015-02-08 19:04:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-08 18:55:02 ----SHD---- C:\Windows\Installer
2015-02-08 18:55:01 ----D---- C:\Program Files (x86)\SmartView2
2015-02-08 18:50:21 ----D---- C:\Program Files (x86)\Everest Ultimate Edition 5.50.2100 CZ FULL + SERIAL 100% funkn - by kopiha
2015-02-08 18:49:34 ----HD---- C:\ProgramData
2015-02-08 18:41:55 ----D---- C:\Windows
2015-02-08 18:03:45 ----D---- C:\Program Files\Windows Media Player
2015-02-08 18:03:45 ----D---- C:\Program Files (x86)\Windows Media Player
2015-02-08 18:03:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-08 18:03:36 ----D---- C:\Windows\system32\cs-CZ
2015-02-08 18:03:35 ----D---- C:\Windows\AppPatch
2015-02-08 18:03:29 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-08 18:03:27 ----D---- C:\Windows\system32\drivers\en-US
2015-02-08 18:03:26 ----D---- C:\Windows\system32\wbem
2015-02-08 18:03:19 ----D---- C:\Windows\SYSWOW64\Dism
2015-02-08 18:03:17 ----D---- C:\Windows\system32\Dism
2015-02-08 18:03:15 ----RSD---- C:\Windows\Fonts
2015-02-08 18:03:15 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-02-08 18:02:57 ----D---- C:\Windows\PolicyDefinitions
2015-02-08 18:02:54 ----D---- C:\Windows\SYSWOW64\migration
2015-02-08 18:02:54 ----D---- C:\Windows\system32\migration
2015-02-08 17:51:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-08 17:03:54 ----D---- C:\Windows\Prefetch
2015-02-07 18:19:23 ----D---- C:\Program Files (x86)\Common Files
2015-02-07 18:17:29 ----RSD---- C:\Windows\assembly
2015-02-07 12:10:00 ----D---- C:\Users\Pang\AppData\Roaming\Origin
2015-02-07 12:07:19 ----D---- C:\ProgramData\Electronic Arts
2015-02-07 00:13:09 ----D---- C:\KMPlayer
2015-02-06 22:20:36 ----D---- C:\Users\Pang\AppData\Roaming\uTorrent
2015-02-06 17:20:35 ----D---- C:\Windows\Tasks
2015-02-06 17:20:35 ----D---- C:\Windows\system32\Tasks
2015-02-03 20:04:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 17:21:34 ----D---- C:\Users\Pang\AppData\Roaming\Skype
2015-01-30 14:58:51 ----D---- C:\Windows\system32\NDF
2015-01-25 12:53:02 ----D---- C:\ProgramData\Steam
2015-01-24 20:13:16 ----D---- C:\ProgramData\Package Cache
2015-01-17 14:56:15 ----D---- C:\ProgramData\Skype
2015-01-17 14:56:09 ----RD---- C:\Program Files (x86)\Skype
2015-01-14 21:41:16 ----D---- C:\Windows\system32\MRT
2015-01-14 21:41:16 ----D---- C:\Windows\debug
2015-01-14 21:41:02 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\D:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S3 cpuz137;cpuz137; \??\C:\Users\Pang\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7599vHK0\NTIOLib_X64.sys [2011-01-06 11888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 uvhid;Unified Virtual HID; C:\Windows\system32\DRIVERS\uvhid.sys [2015-01-13 25592]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-11-27 1732048]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-02-08 76152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-11-07 85096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-03 114800]
S3 Origin Client Service;Origin Client Service; D:\hry\Origin\OriginClientService.exe [2015-02-07 1910128]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-01-17 762320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-14 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\hry\Hi-Rez-Smite\HiPatchService.exe [2015-01-12 9216]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
-----------------EOF-----------------
chtěl bych poprosit o pomoc. Již nějaký týden mívám problém s modrými smrtmi. Smrt se ve valné většině objeví pouze když hraji hru League of Legends.
Již jsem zkoušel re-instalovat, instalovat nejnovější ovladače všechno. Zatím nic nepomohlo
Zhruba na konci listopadu jsem si pořídil nový pevný disk,takže instalace Windows je skoro nová.
Zatím jsem zaznamenal tyto případy
0x0000007f
0x000000D1
0x0000000A
0x0000001E
Většinou s textem Driver_IRQL_NOT_LESS_OR_EQUAL
přikládám log z RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pang at 2015-02-09 13:04:19
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 14 GB (14%) free of 100 GB
Total RAM: 4095 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:20, on 9.2.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
D:\DOWNLOAD\Volume2\Volume2.exe
D:\Program Files (x86)\MSI\Live Update\Live Update.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pang.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - (no file)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Live Update] D:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKCU\..\Run: [Unified Remote V3] C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
O4 - HKCU\..\Run: [Volume2] D:\DOWNLOAD\Volume2\Volume2.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star International - D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\hry\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7713 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"D:\DOWNLOAD\Volume2\Volume2.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"D:\Program Files (x86)\MSI\Live Update\Live Update.exe" /REMINDER
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3548.0.452910303\1970475283" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,39 --gpu-vendor-id=0x1002 --gpu-device-id=0x6818 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.1.1800386497\1850220258" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.3.671673318\523298006" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.4.109322488\108586562" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.5.899897203\614083082" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.6.729915253\414550636" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.7.798803612\399541454" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.8.617543050\1245153753" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll" --lang=cs --channel="3548.9.79752348\225263027" /prefetch:-390060480
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GCM/Enabled/GoogleNow/Enable/MaterialDesignNTP/Enabled/NewProfileManagement/NewAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/EnabledForLargePopulation/RememberCertificateErrorDecisions/Default/SPDY/Spdy4Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_84/UMA-Uniformity-Trial-10-Percent/group_02/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_08/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/Off/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="3548.13.744468073\1205740204" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"D:\DOWNLOAD\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d04228d62b4955.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Pang\AppData\Roaming\Mozilla\Firefox\Profiles\fhc7nvro.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
SteadyVideoBHO Class - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14 81024]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Unified Remote V3"=C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe []
"Volume2"=D:\DOWNLOAD\Volume2\Volume2.exe [2015-01-11 4771328]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\PROGRA~2\Raptr\raptrstub.exe --startup []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
D:\Program Files (x86)\Steam\steam.exe -silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Volume2]
D:\DOWNLOAD\Volume2\Volume2.exe [2015-01-11 4771328]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-11-20 767176]
"Live Update"=D:\Program Files (x86)\MSI\Live Update\Live Update.exe [2014-11-27 3484624]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"HideSCAVolume"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - "C:\Windows\system32\NOTEPAD.EXE" "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-02-09 13:04:19 ----D---- C:\rsit
2015-02-09 13:04:19 ----D---- C:\Program Files\trend micro
2015-02-09 09:25:53 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-02-09 09:25:53 ----A---- C:\Windows\system32\mstscax.dll
2015-02-09 09:25:47 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-02-08 20:21:08 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2015-02-08 18:55:02 ----D---- C:\Windows\system32\appmgmt
2015-02-08 18:00:34 ----A---- C:\Windows\system32\wmploc.DLL
2015-02-08 18:00:33 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-02-08 18:00:33 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-02-08 18:00:32 ----A---- C:\Windows\system32\wmp.dll
2015-02-08 17:56:48 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-02-08 17:56:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-02-08 17:56:44 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-02-08 17:56:44 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2015-02-08 17:56:43 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\wksprtPS.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\wksprt.exe
2015-02-08 17:56:43 ----A---- C:\Windows\system32\tsgqec.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-02-08 17:56:43 ----A---- C:\Windows\system32\mstsc.exe
2015-02-08 17:56:43 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2015-02-08 17:45:14 ----D---- C:\Windows\Migration
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-02-08 17:30:43 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\rrinstaller.exe
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mfps.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mfpmp.exe
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mferror.dll
2015-02-08 17:30:43 ----A---- C:\Windows\system32\mf.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\WUDFSvc.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\WUDFPlatform.dll
2015-02-08 17:29:04 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2015-02-08 17:29:04 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFx.dll
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFHost.exe
2015-02-08 17:29:01 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2015-02-08 17:25:45 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2015-02-08 17:25:45 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\SYSWOW64\RMActivate.exe
2015-02-08 17:20:33 ----A---- C:\Windows\system32\RMActivate_isv.exe
2015-02-08 17:20:33 ----A---- C:\Windows\system32\RMActivate.exe
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\secproc.dll
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe
2015-02-08 17:20:32 ----A---- C:\Windows\SYSWOW64\msdrm.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_ssp.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc_isv.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\secproc.dll
2015-02-08 17:20:32 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2015-02-08 17:20:32 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2015-02-08 17:20:32 ----A---- C:\Windows\system32\msdrm.dll
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDRU.DLL
2015-02-08 17:20:11 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-02-08 17:19:59 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2015-02-08 17:19:59 ----A---- C:\Windows\system32\msieftp.dll
2015-02-08 17:19:50 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2015-02-08 17:19:50 ----A---- C:\Windows\SYSWOW64\esent.dll
2015-02-08 17:19:50 ----A---- C:\Windows\system32\fsutil.exe
2015-02-08 17:19:50 ----A---- C:\Windows\system32\esent.dll
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\nvstor.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\nvraid.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\amdxata.sys
2015-02-08 17:19:50 ----A---- C:\Windows\system32\drivers\amdsata.sys
2015-02-08 17:19:49 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2015-02-08 17:19:42 ----A---- C:\Windows\system32\tquery.dll
2015-02-08 17:19:42 ----A---- C:\Windows\system32\mssrch.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-02-08 17:19:41 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-02-08 17:19:41 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-02-08 17:19:41 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-02-08 17:19:41 ----A---- C:\Windows\system32\mssph.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2015-02-08 17:19:40 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\SearchFilterHost.exe
2015-02-08 17:19:40 ----A---- C:\Windows\system32\mssvp.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\mssphtb.dll
2015-02-08 17:19:40 ----A---- C:\Windows\system32\msscntrs.dll
2015-02-08 17:19:26 ----A---- C:\Windows\system32\Wpc.dll
2015-02-08 17:19:26 ----A---- C:\Windows\system32\gameux.dll
2015-02-08 17:19:25 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2015-02-08 17:19:25 ----A---- C:\Windows\SYSWOW64\gameux.dll
2015-02-08 17:19:01 ----A---- C:\Windows\system32\wwansvc.dll
2015-02-08 17:19:01 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-02-08 17:18:42 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-02-08 17:18:42 ----A---- C:\Windows\system32\WMPhoto.dll
2015-02-08 17:18:38 ----A---- C:\Windows\SYSWOW64\TSWorkspace.dll
2015-02-08 17:18:38 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-02-08 17:18:19 ----A---- C:\Windows\system32\ntshrui.dll
2015-02-08 17:18:18 ----A---- C:\Windows\SYSWOW64\ntshrui.dll
2015-02-08 17:18:01 ----A---- C:\Windows\SYSWOW64\netevent.dll
2015-02-08 17:18:01 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\netevent.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\netcorehc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-02-08 17:18:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-02-08 17:17:28 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-02-08 17:17:23 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2015-02-08 17:17:23 ----A---- C:\Windows\system32\xmllite.dll
2015-02-08 17:17:00 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2015-02-08 17:17:00 ----A---- C:\Windows\system32\dhcpcore6.dll
2015-02-08 17:16:49 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-02-08 17:16:49 ----A---- C:\Windows\system32\d3d10warp.dll
2015-02-08 17:16:45 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-02-08 17:16:45 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-02-08 17:16:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-02-08 17:16:38 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-02-08 17:16:38 ----A---- C:\Windows\system32\qdvd.dll
2015-02-08 17:16:35 ----A---- C:\Windows\SYSWOW64\charmap.exe
2015-02-08 17:16:35 ----A---- C:\Windows\system32\charmap.exe
2015-02-08 17:16:33 ----A---- C:\Windows\system32\shell32.dll
2015-02-08 17:16:32 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-02-08 17:16:02 ----A---- C:\Windows\system32\drivers\ataport.sys
2015-02-08 17:16:00 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\system32\WebClnt.dll
2015-02-08 17:16:00 ----A---- C:\Windows\system32\davclnt.dll
2015-02-08 17:15:44 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-02-08 17:15:44 ----A---- C:\Windows\system32\tzres.dll
2015-02-08 17:15:33 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-02-08 17:15:29 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-02-08 17:15:18 ----A---- C:\Windows\SYSWOW64\SmartcardCredentialProvider.dll
2015-02-08 17:15:18 ----A---- C:\Windows\SYSWOW64\credui.dll
2015-02-08 17:15:18 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-02-08 17:15:18 ----A---- C:\Windows\system32\credui.dll
2015-02-08 17:15:08 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2015-02-08 17:15:07 ----A---- C:\Windows\system32\mswsock.dll
2015-02-08 17:15:06 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2015-02-08 17:15:06 ----A---- C:\Windows\system32\WsmSvc.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2015-02-08 17:15:05 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WsmWmiPl.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WsmAuto.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2015-02-08 17:15:05 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2015-02-08 17:14:44 ----A---- C:\Windows\SYSWOW64\iologmsg.dll
2015-02-08 17:14:44 ----A---- C:\Windows\system32\iologmsg.dll
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\storport.sys
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-02-08 17:14:44 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-02-08 17:13:05 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-02-08 17:13:05 ----A---- C:\Windows\system32\msi.dll
2015-02-08 17:11:10 ----A---- C:\Windows\SYSWOW64\cryptdlg.dll
2015-02-08 17:11:10 ----A---- C:\Windows\system32\cryptdlg.dll
2015-02-08 17:03:50 ----D---- C:\Program Files (x86)\Setup Files
2015-02-08 17:01:03 ----A---- C:\Windows\acpimof.dll
2015-02-08 17:00:58 ----D---- C:\MSI
2015-02-08 16:52:30 ----A---- C:\Windows\system32\scavengeui.dll
2015-02-06 12:26:51 ----A---- C:\Windows\WORDPAD.INI
2015-02-03 16:16:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-25 17:58:53 ----A---- C:\Windows\SYSWOW64\Access.dat
2015-01-25 17:51:23 ----D---- C:\Users\Pang\AppData\Roaming\Tunngle
2015-01-25 17:51:23 ----D---- C:\ProgramData\Tunngle
2015-01-25 17:51:21 ----A---- C:\Windows\system32\drivers\tap0901t.sys
2015-01-25 17:51:17 ----D---- C:\Program Files (x86)\Tunngle
2015-01-24 20:11:04 ----D---- C:\Windows\SYSWOW64\directx
2015-01-24 19:56:28 ----D---- C:\Users\Pang\AppData\Roaming\Teeworlds
2015-01-22 19:46:50 ----D---- C:\Program Files\ESET
2015-01-21 11:15:16 ----D---- C:\Users\Pang\AppData\Roaming\PhotoFiltre 7
2015-01-21 11:15:13 ----D---- C:\Program Files (x86)\PhotoFiltre 7
2015-01-14 09:48:08 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 09:48:07 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 09:48:07 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 09:48:05 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-14 09:47:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-01-14 09:47:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-01-14 09:47:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 09:47:54 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\srcore.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\srclient.dll
2015-01-14 09:47:54 ----A---- C:\Windows\system32\rstrui.exe
2015-01-13 17:55:48 ----A---- C:\Windows\system32\drivers\uvhid.sys
2015-01-13 17:55:48 ----A---- C:\Windows\system32\drivers\hidkmdf.sys
2015-01-13 17:55:45 ----D---- C:\ProgramData\Unified Remote
2015-01-11 21:20:37 ----D---- C:\Windows\Minidump
======List of files/folders modified in the last 1 month======
2015-02-09 13:04:19 ----RD---- C:\Program Files
2015-02-09 13:04:19 ----D---- C:\Windows\Temp
2015-02-09 12:53:06 ----D---- C:\Windows\system32\config
2015-02-09 12:48:51 ----D---- C:\Windows\Microsoft.NET
2015-02-09 11:38:27 ----D---- C:\Windows\SysWOW64
2015-02-09 11:38:27 ----D---- C:\Windows\System32
2015-02-09 11:38:11 ----D---- C:\Windows\winsxs
2015-02-09 11:38:00 ----SHD---- C:\System Volume Information
2015-02-09 11:05:03 ----D---- C:\ProgramData\Origin
2015-02-09 09:25:45 ----D---- C:\Windows\system32\catroot
2015-02-09 09:24:55 ----D---- C:\Windows\system32\catroot2
2015-02-08 20:21:01 ----A---- C:\Windows\system32\PnkBstrA.exe
2015-02-08 19:53:08 ----RD---- C:\Program Files (x86)
2015-02-08 19:52:49 ----D---- C:\Windows\system32\DriverStore
2015-02-08 19:52:49 ----D---- C:\Windows\system32\drivers
2015-02-08 19:52:49 ----D---- C:\Windows\inf
2015-02-08 19:45:12 ----SD---- C:\ProgramData\Microsoft
2015-02-08 19:04:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-02-08 18:55:02 ----SHD---- C:\Windows\Installer
2015-02-08 18:55:01 ----D---- C:\Program Files (x86)\SmartView2
2015-02-08 18:50:21 ----D---- C:\Program Files (x86)\Everest Ultimate Edition 5.50.2100 CZ FULL + SERIAL 100% funkn - by kopiha
2015-02-08 18:49:34 ----HD---- C:\ProgramData
2015-02-08 18:41:55 ----D---- C:\Windows
2015-02-08 18:03:45 ----D---- C:\Program Files\Windows Media Player
2015-02-08 18:03:45 ----D---- C:\Program Files (x86)\Windows Media Player
2015-02-08 18:03:37 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-02-08 18:03:36 ----D---- C:\Windows\system32\cs-CZ
2015-02-08 18:03:35 ----D---- C:\Windows\AppPatch
2015-02-08 18:03:29 ----D---- C:\Windows\SYSWOW64\wbem
2015-02-08 18:03:27 ----D---- C:\Windows\system32\drivers\en-US
2015-02-08 18:03:26 ----D---- C:\Windows\system32\wbem
2015-02-08 18:03:19 ----D---- C:\Windows\SYSWOW64\Dism
2015-02-08 18:03:17 ----D---- C:\Windows\system32\Dism
2015-02-08 18:03:15 ----RSD---- C:\Windows\Fonts
2015-02-08 18:03:15 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-02-08 18:02:57 ----D---- C:\Windows\PolicyDefinitions
2015-02-08 18:02:54 ----D---- C:\Windows\SYSWOW64\migration
2015-02-08 18:02:54 ----D---- C:\Windows\system32\migration
2015-02-08 17:51:22 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-02-08 17:03:54 ----D---- C:\Windows\Prefetch
2015-02-07 18:19:23 ----D---- C:\Program Files (x86)\Common Files
2015-02-07 18:17:29 ----RSD---- C:\Windows\assembly
2015-02-07 12:10:00 ----D---- C:\Users\Pang\AppData\Roaming\Origin
2015-02-07 12:07:19 ----D---- C:\ProgramData\Electronic Arts
2015-02-07 00:13:09 ----D---- C:\KMPlayer
2015-02-06 22:20:36 ----D---- C:\Users\Pang\AppData\Roaming\uTorrent
2015-02-06 17:20:35 ----D---- C:\Windows\Tasks
2015-02-06 17:20:35 ----D---- C:\Windows\system32\Tasks
2015-02-03 20:04:09 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-03 17:21:34 ----D---- C:\Users\Pang\AppData\Roaming\Skype
2015-01-30 14:58:51 ----D---- C:\Windows\system32\NDF
2015-01-25 12:53:02 ----D---- C:\ProgramData\Steam
2015-01-24 20:13:16 ----D---- C:\ProgramData\Package Cache
2015-01-17 14:56:15 ----D---- C:\ProgramData\Skype
2015-01-17 14:56:09 ----RD---- C:\Program Files (x86)\Skype
2015-01-14 21:41:16 ----D---- C:\Windows\system32\MRT
2015-01-14 21:41:16 ----D---- C:\Windows\debug
2015-01-14 21:41:02 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\D:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S3 cpuz137;cpuz137; \??\C:\Users\Pang\AppData\Local\Temp\cpuz137\cpuz137_x64.sys []
S3 NTIOLib_1_0_6;NTIOLib_1_0_6; \??\C:\Program Files (x86)\Setup Files\Ms7599vHK0\NTIOLib_X64.sys [2011-01-06 11888]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\Windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 uvhid;Unified Virtual HID; C:\Windows\system32\DRIVERS\uvhid.sys [2015-01-13 25592]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S3 xnacc;Služba ovladače pro řadič XBOX 360 pro systém Windows; C:\Windows\system32\DRIVERS\xnacc.sys [2009-07-14 679936]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; D:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-11-27 1732048]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-02-08 76152]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-11-07 85096]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-07 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-02-03 114800]
S3 Origin Client Service;Origin Client Service; D:\hry\Origin\OriginClientService.exe [2015-02-07 1910128]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TunngleService;TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2015-01-17 762320]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-14 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 HiPatchService;Hi-Rez Studios Authenticate and Update Service; D:\hry\Hi-Rez-Smite\HiPatchService.exe [2015-01-12 9216]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S4 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2014-11-28 5419792]
-----------------EOF-----------------
Bohužel však tato složka neobsahuje žádné soubory. Dle internetu jsem se pokusil změnit nastavení minidump souboru na "Small memory dump (256 kB)" . Před tím tam bylo nastaveno "Výpis stavu paměti jádra"