VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

2 PC a sdílený problém - 2. počítač

https://forum.viry.cz:443/viewtopic.php?t=145376

Stránka 1 z 1

2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 12:42
od turquoisefly
Zadávala jsem prosbu o kontrolu prvního PC, teď bych sem ještě přidala druhé. U něj neustále Avast detekuje infekci - URL:Mal. Ve firefoxu se začala otevírat nová okna a nakonec se počítač začal sám restartovat, přičemž se interval zkracuje. Spustila jsem ho v nouzovém režimu, kde drží a prosím o kontrolu logů. Díky moc!

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Ilpeva (administrator) on ILPEVA-PC on 25-07-2015 13:34:36
Running from C:\Users\Ilpeva\Desktop
Loaded Profiles: Ilpeva (Available Profiles: Ilpeva)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(forum.viry.cz) C:\Users\Ilpeva\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-21-417826297-2065636235-3177541415-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-417826297-2065636235-3177541415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {0ADA1816-069D-4B37-9079-E08CE0E3D5D2} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {39E03545-D27B-4C7F-AA51-755F6D46B273} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {40C0DD75-9C5A-408E-8739-AA61058D255D} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {523E032A-9B10-4954-B6D6-58DAD85EAF69} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {73E8F03A-EF64-4528-8CEC-4A40D77E543A} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {856F6AA3-D4D1-4906-9561-62289121A71F} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {9B543D5F-09A2-4ADE-B16F-9A0042336E66} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {A5FE8CF9-87B1-4166-BD85-FB735B011423} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-417826297-2065636235-3177541415-1001 -> {B19C74F4-3059-426F-BBF9-2436B9428590} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
Tcpip\Parameters: [DhcpNameServer] 83.240.0.215 83.240.0.136
Tcpip\..\Interfaces\{FD38A19A-E4ED-411C-A3BB-3E78CAFAEC7C}: [DhcpNameServer] 83.240.0.215 83.240.0.136

FireFox:
========
FF ProfilePath: C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Extension: ConaveurTApups - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\Extensions\f@2yT.net [2015-07-21]
FF Extension: MonsoonReuvuenue - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\Extensions\r@YRztkG.com [2015-07-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-29]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
S2 ff39eb65; c:\Program Files (x86)\coolsoft\coolsoft.dll [2549248 2015-07-20] () [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-27] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-11-29] (Disc Soft Ltd)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-01-01] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 13:34 - 2015-07-25 13:34 - 00009541 _____ C:\Users\Ilpeva\Desktop\FRST.txt
2015-07-25 13:34 - 2015-07-25 13:34 - 00000000 ____D C:\FRST
2015-07-25 13:33 - 2015-07-25 13:33 - 00112640 _____ (forum.viry.cz) C:\Users\Ilpeva\Desktop\FRSTLauncher.exe
2015-07-25 12:15 - 2015-07-25 12:14 - 01222144 _____ C:\Users\Ilpeva\Desktop\RSITx64.exe
2015-07-25 12:13 - 2015-07-25 12:13 - 02135552 _____ (Farbar) C:\Users\Ilpeva\Desktop\FRST64.exe
2015-07-21 14:57 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 14:57 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 14:57 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 14:57 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 14:57 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 14:57 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 07:23 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\Validity
2015-07-21 07:23 - 2015-07-22 07:00 - 00000000 ____D C:\Program Files (x86)\ConaveurTApups
2015-07-21 07:23 - 2015-07-22 07:00 - 00000000 ____D C:\Program Files (x86)\CeonvertApaps
2015-07-21 07:02 - 2015-07-25 11:47 - 00001848 _____ C:\Windows\setupact.log
2015-07-21 07:02 - 2015-07-21 07:02 - 00000000 _____ C:\Windows\setuperr.log
2015-07-20 15:35 - 2015-07-20 15:35 - 00000218 _____ C:\Users\Ilpeva\AppData\Local\recently-used.xbel
2015-07-20 14:09 - 2015-07-21 17:08 - 00001058 _____ C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
2015-07-20 12:31 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\ReplliApp
2015-07-20 12:31 - 2015-07-22 07:01 - 00000000 ____D C:\Program Files (x86)\MonsoonReuvuenue
2015-07-20 12:31 - 2015-07-21 07:23 - 00000000 ____D C:\ProgramData\13577716749516954695
2015-07-20 12:31 - 2015-07-20 18:31 - 00000000 ____D C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
2015-07-20 08:09 - 2015-07-20 08:09 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\Google
2015-07-20 08:09 - 2015-07-20 08:09 - 00000000 ____D C:\Program Files (x86)\coolsoft
2015-07-19 21:47 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 21:47 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-15 07:25 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 07:25 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 07:25 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 07:25 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 07:25 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 07:25 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 07:25 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 07:25 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 07:25 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 07:25 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 07:25 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 07:25 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 07:25 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 07:25 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 07:25 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 07:25 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 07:25 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 07:25 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 07:25 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 07:25 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 07:25 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 07:25 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 07:25 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 07:25 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 07:25 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 07:25 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 07:25 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 07:25 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 07:25 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 07:25 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 07:25 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 07:25 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 07:25 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 07:25 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 07:25 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 07:25 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 07:25 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 07:25 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 07:25 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 07:25 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 07:25 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 07:25 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 07:25 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 07:25 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 07:25 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 07:25 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 07:25 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 07:25 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 07:25 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 07:25 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 07:25 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 07:25 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 07:25 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 07:25 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 07:25 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 07:25 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 07:24 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 07:24 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 07:24 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 07:24 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 07:24 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 07:24 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 07:24 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 07:24 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 07:24 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 07:24 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 07:24 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 07:24 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 07:24 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 07:24 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 07:24 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 07:24 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 07:24 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 07:24 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 07:24 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 07:24 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 07:24 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 07:24 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 07:24 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 07:24 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 07:24 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 07:24 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 07:24 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 07:24 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 07:24 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 07:24 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 07:24 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 07:24 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 07:24 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 07:24 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 07:24 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 07:24 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 07:24 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 07:24 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 07:24 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 07:23 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 07:23 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 07:23 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 07:23 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 07:23 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 07:23 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 07:23 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 07:23 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 07:23 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 07:23 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 07:23 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 07:23 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 07:23 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 07:23 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 07:23 - 2015-06-11 19:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 07:23 - 2015-06-11 19:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-15 07:23 - 2015-06-11 19:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-13 00:21 - 2015-07-16 07:34 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-13 00:21 - 2015-07-16 07:33 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 00:21 - 2015-07-13 00:21 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-13 00:20 - 2015-07-13 00:23 - 00000000 ____D C:\ProgramData\Adobe
2015-07-11 20:12 - 2015-07-12 14:59 - 00000000 ____D C:\Users\Ilpeva\Documents\MightAndMagicXLegacy
2015-07-11 15:58 - 2015-07-11 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might & Magic X - Legacy
2015-07-06 09:28 - 2015-07-06 16:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:29 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-28 11:26 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-28 11:26 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-28 11:26 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-28 11:26 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-25 13:34 - 2014-11-29 23:28 - 00000000 ____D C:\Users\Ilpeva\Desktop\věci
2015-07-25 13:08 - 2015-03-04 08:26 - 00668564 _____ C:\Windows\system32\perfh005.dat
2015-07-25 13:08 - 2015-03-04 08:26 - 00141210 _____ C:\Windows\system32\perfc005.dat
2015-07-25 13:08 - 2015-03-01 17:12 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-25 11:45 - 2014-11-30 11:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-25 11:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-25 11:43 - 2014-11-30 12:55 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-25 11:34 - 2015-03-01 17:10 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:34 - 2015-03-01 17:10 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-25 11:29 - 2014-11-29 22:49 - 01633735 _____ C:\Windows\WindowsUpdate.log
2015-07-25 09:38 - 2015-04-04 16:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-21 16:17 - 2015-03-01 17:11 - 00411872 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 23:09 - 2015-01-07 21:39 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\CrashDumps
2015-07-20 15:34 - 2014-11-30 00:12 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\BitLord
2015-07-20 12:34 - 2014-11-29 23:40 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
2015-07-20 12:34 - 2006-01-01 01:01 - 00000000 ____D C:\Windows\Minidump
2015-07-20 10:50 - 2015-05-19 07:47 - 00000000 ____D C:\Users\Ilpeva\Documents\The Witcher 3
2015-07-20 09:12 - 2015-01-18 17:31 - 00000000 ____D C:\Users\Ilpeva\Desktop\GMS
2015-07-19 21:48 - 2014-11-30 11:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-16 09:33 - 2015-04-04 16:26 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 09:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 07:17 - 2014-11-30 16:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 07:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 07:16 - 2014-12-10 08:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 07:14 - 2015-03-01 15:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-16 07:00 - 2014-11-30 16:21 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 06:53 - 2014-11-29 23:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-15 07:43 - 2014-11-30 12:55 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 07:43 - 2014-11-30 12:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 07:43 - 2014-11-30 12:55 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 07:00 - 2009-07-14 07:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-14 21:06 - 2014-11-30 11:38 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-14 21:06 - 2014-11-30 11:38 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 21:05 - 2015-03-01 17:12 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-14 21:05 - 2014-11-30 11:38 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-13 00:24 - 2014-11-30 13:00 - 00000000 ____D C:\Users\Ilpeva\AppData\Roaming\Adobe
2015-07-13 00:23 - 2014-11-30 12:55 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\Adobe
2015-07-13 00:22 - 2015-03-01 15:53 - 00000000 ____D C:\Users\Ilpeva\Desktop\Office
2015-07-11 15:45 - 2015-01-02 11:22 - 00000000 ____D C:\Users\Ilpeva\AppData\Local\Setup Integrity Check
2015-07-06 16:20 - 2015-01-01 21:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43 - 2015-03-01 17:11 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 06:28 - 2014-11-30 11:25 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-28 11:30 - 2014-11-30 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-28 11:26 - 2015-06-01 19:19 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-27 08:52 - 2014-11-29 23:45 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys

==================== Files in the root of some directories =======

2014-11-30 00:12 - 2015-07-20 15:07 - 0000000 _____ () C:\Users\Ilpeva\AppData\Roaming\bitlord_log.txt
2015-07-20 15:35 - 2015-07-20 15:35 - 0000218 _____ () C:\Users\Ilpeva\AppData\Local\recently-used.xbel

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 04:31




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Nový svazek) (Fixed) (Total:244.14 GB) (Free:29.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:687.37 GB) (Free:106.74 GB) NTFS
Drive f: () (Fixed) (Total:55.89 GB) (Free:14.54 GB) NTFS
Drive h: (ČERVENÁ2) (Removable) (Total:3.77 GB) (Free:1.24 GB) FAT32

Available physical RAM: 3190.42 MB
Total physical RAM: 4094.49 MB
Percentage of memory in use: 22%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 55.9 GB) (Disk ID: 80368036)
Partition 1: (Active) - (Size=55.9 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 84FB1F93)
Partition 1: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=244.1 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows XP) (Size: 3.8 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Ilpeva\Desktop" je 49140 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay
C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 12:43
od turquoisefly
RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ilpeva at 2015-07-25 13:37:09
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 30 GB (12%) free of 250 GB
Total RAM: 4094 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:37:19, on 25.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
C:\Program Files\trend micro\Ilpeva.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7221 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="1356.0.129834669\87146772" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1356 "\\.\pipe\gecko-crash-server-pipe.1356" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --proxy-stub-channel=Flash1744.739ED9E8.32327 --host-broker-channel=Flash1744.739ED9E8.28678 --host-pid=1744 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe" --channel=512.0046F28C.1710580611 --proxy-stub-channel=Flash1744.739ED9E8.32327 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll" --host-npapi-version=28 --type=renderer
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\Windows\System32\svchost.exe -k swprv
"C:\Users\Ilpeva\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\
f@2yT.net
r@YRztkG.com

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-07-14 1710056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-07-14 2631824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2015-07-14 1710056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-11 5515496]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-25 13:37:09 ----D---- C:\rsit
2015-07-25 13:37:09 ----D---- C:\Program Files\trend micro
2015-07-25 13:34:33 ----D---- C:\FRST
2015-07-25 11:51:50 ----A---- C:\Windows\ntbtlog.txt
2015-07-21 14:57:25 ----A---- C:\Windows\system32\atmfd.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-21 14:57:24 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\lpk.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\fontsub.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\dciman32.dll
2015-07-21 14:57:24 ----A---- C:\Windows\system32\atmlib.dll
2015-07-21 07:23:52 ----D---- C:\Program Files (x86)\ConaveurTApups
2015-07-21 07:23:48 ----D---- C:\Program Files (x86)\CeonvertApaps
2015-07-21 07:23:39 ----D---- C:\Program Files (x86)\Validity
2015-07-21 07:23:32 ----D---- C:\Program Files (x86)\ConveRRtApps
2015-07-20 12:31:44 ----D---- C:\Program Files (x86)\ReplliApp
2015-07-20 12:31:37 ----D---- C:\ProgramData\13577716749516954695
2015-07-20 12:31:27 ----D---- C:\Program Files (x86)\MonsoonReuvuenue
2015-07-20 12:31:06 ----D---- C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
2015-07-20 08:09:39 ----D---- C:\Program Files (x86)\coolsoft
2015-07-20 08:09:23 ----D---- C:\Users\Ilpeva\AppData\Roaming\Google
2015-07-19 21:47:48 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2015-07-19 21:47:48 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2015-07-15 07:25:30 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 07:25:29 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 07:25:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 07:25:27 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 07:25:27 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wups.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 07:25:26 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 07:25:23 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 07:25:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 07:25:21 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 07:25:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 07:25:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 07:25:20 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 07:25:19 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 07:25:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 07:25:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 07:25:15 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 07:25:14 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 07:25:14 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 07:25:13 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 07:25:11 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 07:25:11 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 07:25:09 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 07:25:09 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 07:25:09 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 07:25:08 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 07:25:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 07:25:07 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 07:25:07 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 07:25:06 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 07:25:06 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 07:25:06 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 07:25:04 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 07:25:04 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 07:25:04 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 07:25:03 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 07:25:03 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 07:25:03 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 07:25:03 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 07:25:02 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 07:25:01 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 07:24:59 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 07:24:59 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 07:24:58 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 07:24:56 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 07:24:55 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 07:24:54 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 07:24:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 07:24:48 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 07:24:48 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 07:24:44 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 07:24:44 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 07:24:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 07:24:24 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 07:24:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 07:24:23 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 07:24:23 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 07:24:22 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 07:24:22 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 07:24:22 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 07:24:22 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 07:24:21 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 07:24:21 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 07:24:21 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 07:23:59 ----A---- C:\Windows\system32\msi.dll
2015-07-15 07:23:58 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 07:23:58 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 07:23:58 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 07:23:58 ----A---- C:\Windows\system32\consent.exe
2015-07-15 07:23:58 ----A---- C:\Windows\system32\authui.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 07:23:57 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 07:23:57 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 07:23:57 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 07:23:57 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\rdpudd.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 07:23:47 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-07-15 07:23:42 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 07:23:42 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 07:23:41 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 07:23:41 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 07:23:41 ----A---- C:\Windows\system32\acmigration.dll
2015-07-13 00:21:04 ----D---- C:\Program Files (x86)\Adobe
2015-07-13 00:20:46 ----D---- C:\ProgramData\Adobe
2015-07-06 09:28:06 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-28 11:29:32 ----A---- C:\Windows\SYSWOW64\nvStreaming.exe
2015-06-28 11:26:28 ----A---- C:\Windows\system32\nvhdap64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvoglshim32.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvinit.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2015-06-28 11:26:27 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvumdshimx.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvopencl.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvoglv64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvoglshim64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvinitx.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvIFR64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\NvFBC64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvdispgenco6435330.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\nvdispco6435330.dll
2015-06-28 11:26:27 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2015-06-28 11:26:27 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2015-06-28 11:26:26 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvd3dumx.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcuvid.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcuda.dll
2015-06-28 11:26:26 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2015-07-25 13:37:09 ----RD---- C:\Program Files
2015-07-25 13:37:09 ----D---- C:\Windows\Temp
2015-07-25 13:35:31 ----D---- C:\Windows
2015-07-25 13:08:32 ----HD---- C:\Windows\System32
2015-07-25 13:08:32 ----D---- C:\Windows\inf
2015-07-25 13:08:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-25 11:45:07 ----D---- C:\ProgramData\NVIDIA
2015-07-25 09:41:07 ----SHD---- C:\System Volume Information
2015-07-25 09:38:59 ----D---- C:\Windows\system32\config
2015-07-25 09:38:56 ----SD---- C:\Windows\system32\GWX
2015-07-21 16:20:07 ----D---- C:\Windows\winsxs
2015-07-21 16:17:29 ----D---- C:\Windows\SysWOW64
2015-07-21 08:20:39 ----D---- C:\Windows\Prefetch
2015-07-21 07:23:52 ----RD---- C:\Program Files (x86)
2015-07-20 18:31:15 ----D---- C:\Windows\Tasks
2015-07-20 18:31:15 ----D---- C:\Windows\system32\Tasks
2015-07-20 15:34:54 ----D---- C:\Users\Ilpeva\AppData\Roaming\BitLord
2015-07-20 15:07:29 ----A---- C:\Users\Ilpeva\AppData\Roaming\bitlord_log.txt
2015-07-20 12:34:22 ----D---- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
2015-07-20 12:34:11 ----D---- C:\Windows\Minidump
2015-07-20 12:34:11 ----D---- C:\Windows\Logs
2015-07-20 12:34:11 ----D---- C:\Windows\debug
2015-07-20 12:31:37 ----HD---- C:\ProgramData
2015-07-19 21:48:57 ----D---- C:\ProgramData\NVIDIA Corporation
2015-07-19 21:48:30 ----D---- C:\Windows\system32\DriverStore
2015-07-19 21:48:08 ----D---- C:\Windows\system32\drivers
2015-07-16 09:33:59 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 09:13:49 ----D---- C:\Windows\rescache
2015-07-16 07:34:28 ----SHD---- C:\Windows\Installer
2015-07-16 07:17:06 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-16 07:17:06 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-16 07:17:06 ----D---- C:\Windows\system32\en-US
2015-07-16 07:17:06 ----D---- C:\Windows\system32\cs-CZ
2015-07-16 07:17:06 ----D---- C:\Windows\PolicyDefinitions
2015-07-16 07:17:05 ----D---- C:\Program Files\Internet Explorer
2015-07-16 07:17:05 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-16 07:17:00 ----SD---- C:\Windows\system32\CompatTel
2015-07-16 07:16:59 ----D---- C:\Windows\system32\wbem
2015-07-16 07:16:59 ----D---- C:\Windows\system32\appraiser
2015-07-16 07:16:59 ----D---- C:\Windows\AppPatch
2015-07-16 07:14:59 ----D---- C:\ProgramData\Microsoft Help
2015-07-16 07:00:41 ----D---- C:\Windows\system32\MRT
2015-07-15 07:43:21 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-15 07:22:41 ----D---- C:\Windows\system32\catroot2
2015-07-14 21:06:08 ----A---- C:\Windows\SYSWOW64\nvspcap.dll
2015-07-14 21:06:07 ----A---- C:\Windows\SYSWOW64\nvspbridge.dll
2015-07-14 21:05:57 ----A---- C:\Windows\system32\nvspcap64.dll
2015-07-14 21:05:57 ----A---- C:\Windows\system32\nvspbridge64.dll
2015-07-13 00:24:34 ----D---- C:\Users\Ilpeva\AppData\Roaming\Adobe
2015-07-13 00:21:04 ----D---- C:\Program Files (x86)\Common Files
2015-07-06 16:20:20 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-07-03 06:28:26 ----A---- C:\Windows\system32\nvaudcap64v.dll
2015-06-28 11:26:35 ----D---- C:\ProgramData\boost_interprocess

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-05-07 93528]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-11-29 283064]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-05-07 65736]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-05-07 272248]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-05-07 1047320]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-27 442264]
S2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-05-07 29168]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-05-07 89944]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-05-07 137288]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2015-01-17 21712]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-06-17 204648]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-07-14 19600]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-07-03 47976]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys [2007-04-23 108296]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys [2007-04-23 19720]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys [2007-04-23 144648]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys [2007-04-23 126216]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys [2007-04-23 123656]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TrueSight;TrueSight; \??\C:\Windows\System32\drivers\TrueSight.sys [2015-01-01 35064]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
S2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-07 343336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 ff39eb65;coolsoft; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-07-14 1155216]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-07-14 1871504]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-07-14 5544592]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-06-17 410768]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 268976]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-06 148136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-30 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 16:38
od Rudy
Zdravím!
Jak je na tom váš oper. systém s legalitou?

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 20:04
od turquoisefly
Je to PC kamaráda, který je zrovna pryč, ale taky doufám, že je legální.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 20:07
od Rudy
Takže opět dejte ty log z OTL, jako v předešlém vláknu.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 20:08
od turquoisefly
Dobře... díky, že se nám věnujete.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 21:32
od Rudy
Není zač.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 22:27
od turquoisefly
Log:

OTL logfile created on: 25.7.2015 22:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ilpeva\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,87% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,14 Gb Total Space | 28,48 Gb Free Space | 11,67% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 106,76 Gb Free Space | 15,53% Space Free | Partition Type: NTFS
Drive F: | 55,89 Gb Total Space | 14,54 Gb Free Space | 26,01% Space Free | Partition Type: NTFS

Computer Name: ILPEVA-PC | User Name: Ilpeva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.07.25 22:18:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
PRC - [2015.07.14 21:06:59 | 002,631,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.07.14 21:06:54 | 001,871,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2015.07.06 09:28:12 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.06.17 08:03:11 | 000,410,768 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015.05.11 21:16:22 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.05.07 21:15:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe


========== Modules (No Company Name) ==========

MOD - [2015.07.14 21:06:59 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2015.05.07 21:15:52 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.05.07 21:15:50 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.04.17 07:23:01 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV:64bit: - [2015.07.14 21:06:53 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2015.07.14 21:06:52 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV:64bit: - [2015.06.20 21:34:46 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.05.07 21:15:50 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:31 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (ff39eb65)
SRV - [2015.07.15 07:43:21 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.07.14 21:06:54 | 001,871,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.07.07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2015.07.06 09:28:11 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.06.17 08:03:11 | 000,410,768 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.04.12 00:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.07.14 21:06:52 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2015.07.03 06:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.06.27 08:52:14 | 000,442,264 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015.06.17 11:10:27 | 000,204,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.05.07 21:15:55 | 000,272,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.05.07 21:15:55 | 000,137,288 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.05.07 21:15:55 | 000,089,944 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.05.07 21:15:55 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.05.07 21:15:55 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.05.07 21:15:54 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.05.07 21:15:46 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2015.01.01 21:46:45 | 000,035,064 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2014.11.29 23:40:29 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.12.30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.04.23 13:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt)
DRV:64bit: - [2007.04.23 13:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007.04.23 13:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007.04.23 13:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007.04.23 13:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus)
DRV - [2015.01.17 19:44:00 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{0ADA1816-069D-4B37-9079-E08CE0E3D5D2}: "URL" = http://encyklopedie.seznam.cz/search?q= ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{39E03545-D27B-4C7F-AA51-755F6D46B273}: "URL" = http://www.novinky.cz/hledej?w={searchT ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{40C0DD75-9C5A-408E-8739-AA61058D255D}: "URL" = http://search.seznam.cz/?q={searchTerms ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{523E032A-9B10-4954-B6D6-58DAD85EAF69}: "URL" = http://www.mapy.cz/?query={searchTerms} ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{73E8F03A-EF64-4528-8CEC-4A40D77E543A}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{856F6AA3-D4D1-4906-9561-62289121A71F}: "URL" = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{9B543D5F-09A2-4ADE-B16F-9A0042336E66}: "URL" = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{A5FE8CF9-87B1-4166-BD85-FB735B011423}: "URL" = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..\SearchScopes\{B19C74F4-3059-426F-BBF9-2436B9428590}: "URL" = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
IE - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.05.07 21:15:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2015.01.01 21:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Extensions
[2015.07.21 07:23:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions
[2015.07.21 07:23:53 | 000,000,000 | ---D | M] (ConaveurTApups) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\f@2yT.net
[2015.07.20 12:32:16 | 000,000,000 | ---D | M] (MonsoonReuvuenue) -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\extensions\r@YRztkG.com
[2015.07.06 09:28:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.07.06 09:28:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-417826297-2065636235-3177541415-1001..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-417826297-2065636235-3177541415-1001\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.215 83.240.0.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD38A19A-E4ED-411C-A3BB-3E78CAFAEC7C}: DhcpNameServer = 83.240.0.215 83.240.0.136
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.01.01 21:59:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.01.11 21:57:14 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{8bf01b3c-91da-11e4-b68a-001a4d6524fd}\Shell - "" = AutoRun
O33 - MountPoints2\{8bf01b3c-91da-11e4-b68a-001a4d6524fd}\Shell\AutoRun\command - "" = "H:\WD SmartWare.exe" autoplay=true
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.07.25 22:18:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
[2015.07.25 13:37:09 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.07.25 13:37:09 | 000,000,000 | ---D | C] -- C:\rsit
[2015.07.25 13:34:33 | 000,000,000 | ---D | C] -- C:\FRST
[2015.07.25 12:24:09 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\AppData\Local\ElevatedDiagnostics
[2015.07.25 12:13:50 | 002,135,552 | ---- | C] (Farbar) -- C:\Users\Ilpeva\Desktop\FRST64.exe
[2015.07.21 14:57:25 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.21 14:57:24 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.21 14:57:24 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.21 14:57:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.21 14:57:24 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.21 14:57:24 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.21 14:57:24 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.21 14:57:24 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.21 07:23:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConaveurTApups
[2015.07.21 07:23:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CeonvertApaps
[2015.07.21 07:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Validity
[2015.07.21 07:23:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ConveRRtApps
[2015.07.20 12:31:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ReplliApp
[2015.07.20 12:31:37 | 000,000,000 | ---D | C] -- C:\ProgramData\13577716749516954695
[2015.07.20 12:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonsoonReuvuenue
[2015.07.20 12:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\{1f0a5c40-b158-919b-1f0a-a5c40b157102}
[2015.07.20 08:09:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\coolsoft
[2015.07.20 08:09:23 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\AppData\Roaming\Google
[2015.07.19 21:47:48 | 000,065,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015.07.19 21:47:48 | 000,047,976 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015.07.15 07:25:30 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cewmdm.dll
[2015.07.15 07:25:29 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cewmdm.dll
[2015.07.15 07:25:27 | 003,154,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.15 07:25:27 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.15 07:25:27 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.15 07:25:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.15 07:25:27 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.15 07:25:27 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.15 07:25:27 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.15 07:25:27 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.15 07:25:27 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.15 07:25:27 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.15 07:25:26 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.15 07:25:26 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.15 07:25:26 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.15 07:25:26 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.15 07:25:26 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.15 07:25:21 | 000,404,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.07.15 07:25:20 | 005,923,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.07.15 07:25:20 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.07.15 07:25:19 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.07.15 07:25:16 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.15 07:25:14 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.15 07:25:09 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.07.15 07:25:09 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.07.15 07:25:09 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.07.15 07:25:09 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.07.15 07:25:09 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.07.15 07:25:08 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.07.15 07:25:07 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.07.15 07:25:07 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.07.15 07:25:07 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.07.15 07:25:06 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.07.15 07:25:04 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.07.15 07:25:04 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.07.15 07:25:04 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2015.07.15 07:25:04 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.07.15 07:25:04 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.07.15 07:25:03 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.07.15 07:25:03 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.07.15 07:25:03 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.07.15 07:25:03 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.07.15 07:25:02 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.07.15 07:25:01 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.07.15 07:25:01 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.07.15 07:24:59 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.07.15 07:24:59 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.07.15 07:24:59 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.07.15 07:24:59 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.07.15 07:24:59 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.07.15 07:24:58 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.07.15 07:24:56 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.07.15 07:24:56 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2015.07.15 07:24:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.07.15 07:24:54 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.07.15 07:24:54 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.07.15 07:24:54 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.07.15 07:24:48 | 002,087,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.15 07:24:44 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.07.15 07:24:44 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.07.15 07:24:44 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015.07.15 07:24:24 | 001,216,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.15 07:24:23 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.15 07:24:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.15 07:24:22 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.07.15 07:24:22 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.15 07:24:22 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.15 07:24:22 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.15 07:24:22 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.15 07:24:22 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.15 07:24:22 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.15 07:24:22 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.15 07:24:22 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.15 07:24:21 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.15 07:24:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.15 07:24:21 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.15 07:23:59 | 003,242,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2015.07.15 07:23:58 | 001,941,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2015.07.15 07:23:58 | 001,805,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2015.07.15 07:23:58 | 000,112,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2015.07.15 07:23:57 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2015.07.15 07:23:57 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2015.07.15 07:23:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msimsg.dll
[2015.07.15 07:23:57 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msimsg.dll
[2015.07.15 07:23:47 | 001,112,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015.07.15 07:23:47 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015.07.15 07:23:47 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2015.07.15 07:23:42 | 001,145,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.15 07:23:42 | 001,085,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.15 07:23:42 | 000,765,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.15 07:23:42 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.15 07:23:42 | 000,433,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.15 07:23:41 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.15 07:23:41 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.15 07:23:41 | 000,017,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.13 00:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2015.07.13 00:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015.07.13 00:20:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015.07.11 20:12:31 | 000,000,000 | ---D | C] -- C:\Users\Ilpeva\Documents\MightAndMagicXLegacy
[2015.07.11 15:58:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might & Magic X - Legacy
[2015.07.06 09:28:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.06.28 11:29:32 | 000,571,024 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.06.28 11:26:28 | 000,040,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll
[2015.06.28 11:26:27 | 030,481,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.06.28 11:26:27 | 022,947,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.06.28 11:26:27 | 016,145,200 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.06.28 11:26:27 | 013,263,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.06.28 11:26:27 | 001,898,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435330.dll
[2015.06.28 11:26:27 | 001,557,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435330.dll
[2015.06.28 11:26:27 | 001,099,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.06.28 11:26:27 | 001,060,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.06.28 11:26:27 | 001,050,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.06.28 11:26:27 | 000,982,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.06.28 11:26:27 | 000,975,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.06.28 11:26:27 | 000,938,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.06.28 11:26:27 | 000,503,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015.06.28 11:26:27 | 000,408,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015.06.28 11:26:27 | 000,407,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015.06.28 11:26:27 | 000,364,176 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015.06.28 11:26:27 | 000,204,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys
[2015.06.28 11:26:27 | 000,176,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.06.28 11:26:27 | 000,155,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.06.28 11:26:27 | 000,150,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.06.28 11:26:27 | 000,128,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.06.28 11:26:26 | 015,866,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.06.28 11:26:26 | 014,497,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.06.28 11:26:26 | 011,831,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.06.28 11:26:26 | 002,932,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.06.28 11:26:26 | 002,599,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

========== Files - Modified Within 30 Days ==========

[2015.07.25 22:22:23 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.07.25 22:18:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ilpeva\Desktop\OTL.exe
[2015.07.25 21:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.07.25 21:28:07 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.07.25 21:28:07 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.07.25 20:49:49 | 001,583,226 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.07.25 20:49:49 | 000,668,564 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.07.25 20:49:49 | 000,653,930 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.07.25 20:49:49 | 000,141,210 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.07.25 20:49:49 | 000,121,802 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.07.25 20:42:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.07.25 15:43:48 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2015.07.25 12:14:46 | 001,222,144 | ---- | M] () -- C:\Users\Ilpeva\Desktop\RSITx64.exe
[2015.07.25 12:13:44 | 002,135,552 | ---- | M] (Farbar) -- C:\Users\Ilpeva\Desktop\FRST64.exe
[2015.07.21 17:08:48 | 000,001,058 | ---- | M] () -- C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
[2015.07.21 16:17:55 | 000,411,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.07.20 15:35:08 | 000,000,218 | ---- | M] () -- C:\Users\Ilpeva\AppData\Local\recently-used.xbel
[2015.07.15 07:43:21 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.07.15 07:43:21 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.07.15 05:19:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.07.15 05:19:50 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.07.15 05:19:46 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.07.15 05:19:45 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.07.15 04:55:37 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.07.15 04:55:32 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.07.15 03:59:42 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.07.15 03:52:35 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.07.14 21:06:08 | 001,423,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2015.07.14 21:06:07 | 001,316,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015.07.14 21:05:57 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015.07.14 21:05:57 | 001,710,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[2015.07.09 19:59:59 | 000,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2015.07.09 19:58:56 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.07.09 19:58:56 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.07.09 19:58:56 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.07.09 19:58:55 | 003,154,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.07.09 19:58:55 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.07.09 19:58:55 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.07.09 19:58:41 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.07.09 19:58:34 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.07.09 19:58:31 | 000,765,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.07.09 19:58:26 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.07.09 19:58:25 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.07.09 19:58:24 | 001,085,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.07.09 19:58:23 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.07.09 19:58:23 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.07.09 19:58:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.07.09 19:58:20 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.07.09 19:50:11 | 001,145,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.07.09 19:43:25 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.07.09 19:43:25 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.07.09 19:43:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.07.09 19:43:24 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.07.09 19:42:47 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.07.04 20:07:11 | 002,087,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2015.07.03 06:28:26 | 000,069,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvaudcap64v.dll
[2015.07.03 06:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2015.07.03 06:28:25 | 000,065,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2015.07.02 22:46:34 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.07.02 22:12:26 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.07.01 22:49:45 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.07.01 22:49:45 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.07.01 22:49:42 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.07.01 22:49:41 | 001,216,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2015.07.01 22:49:23 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.07.01 22:49:11 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.07.01 22:48:34 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2015.07.01 22:47:18 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.07.01 22:43:51 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.07.01 22:43:37 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.07.01 22:39:24 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.07.01 22:29:46 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.07.01 22:27:04 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.07.01 22:26:52 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.07.01 22:24:59 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.06.27 08:52:14 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswsp.sys
[2015.06.27 04:47:11 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.06.27 04:43:26 | 005,923,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.06.27 03:58:17 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll

========== Files Created - No Company Name ==========

[2015.07.25 22:22:23 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.07.25 12:15:02 | 001,222,144 | ---- | C] () -- C:\Users\Ilpeva\Desktop\RSITx64.exe
[2015.07.20 15:35:08 | 000,000,218 | ---- | C] () -- C:\Users\Ilpeva\AppData\Local\recently-used.xbel
[2015.07.20 14:09:18 | 000,001,058 | ---- | C] () -- C:\Users\Ilpeva\Desktop\visit www.nosteam.ro.lnk
[2015.07.13 00:21:06 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[2015.06.28 11:26:26 | 042,729,104 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2015.06.28 11:26:26 | 037,748,880 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2014.11.30 11:33:00 | 001,557,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.11.29 23:36:53 | 000,538,126 | --S- | C] () -- C:\Windows\SysWow64\libcurl-4.dll
[2014.11.29 23:36:53 | 000,192,512 | --S- | C] () -- C:\Windows\SysWow64\libidn-11.dll
[2014.11.29 23:36:53 | 000,133,632 | --S- | C] () -- C:\Windows\SysWow64\librtmp.dll
[2014.11.29 23:36:53 | 000,100,864 | --S- | C] () -- C:\Windows\SysWow64\zlib1.dll

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.02.13 07:22:33 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.03.07 18:50:44 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\11bitstudios
[2014.11.29 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\AVAST Software
[2015.07.20 15:34:54 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\BitLord
[2015.07.20 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
[2015.01.04 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\MPC-HC
[2014.12.06 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect
[2014.11.30 00:13:17 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Python-Eggs
[2015.06.14 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz
[2014.12.02 00:30:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Steam
[2015.01.01 23:18:18 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Synei
[2015.04.25 10:12:15 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Trine3
[2015.05.10 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2014.11.30 12:55:56 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.04.05 04:47:20 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.09.08 04:30:37 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.04.05 04:37:43 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.09.07 04:27:48 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe

< >

< %systemroot%*.* /U /s >
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[8 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.03.07 18:50:44 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\11bitstudios
[2015.07.13 00:24:34 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Adobe
[2014.11.29 23:45:55 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\AVAST Software
[2015.07.20 15:34:54 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\BitLord
[2015.07.20 12:34:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\DAEMON Tools Lite
[2015.07.20 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Google
[2014.11.29 22:50:42 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Identities
[2015.03.08 14:47:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\InstallShield
[2014.11.30 13:00:30 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Macromedia
[2010.11.21 09:16:46 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Media Center Programs
[2015.06.11 07:16:41 | 000,000,000 | --SD | M] -- C:\Users\Ilpeva\AppData\Roaming\Microsoft
[2015.01.01 21:36:02 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Mozilla
[2015.01.04 14:10:33 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\MPC-HC
[2014.12.06 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect
[2015.01.21 11:58:43 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\NVIDIA
[2014.11.30 00:13:17 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Python-Eggs
[2015.03.08 15:05:41 | 000,000,000 | RH-D | M] -- C:\Users\Ilpeva\AppData\Roaming\SecuROM
[2015.06.14 17:44:59 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz
[2014.12.02 00:30:51 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Steam
[2015.01.01 23:18:18 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Synei
[2015.04.25 10:12:15 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Trine3
[2015.01.24 11:00:36 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\vlc
[2015.05.10 21:53:07 | 000,000,000 | ---D | M] -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood

< %APPDATA%\*.exe /s >
[2015.07.16 22:41:40 | 000,466,544 | ---- | M] (Google Inc.) -- C:\Users\Ilpeva\AppData\Roaming\Google\downloader.exe
[2015.01.24 10:39:45 | 000,158,000 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Mozilla\Firefox\Profiles\hfh91qv6.default-1420658609984\FlashGot.exe
[2014.12.06 21:31:08 | 001,191,265 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Murdered - Soul Suspect\Uninstall\unins000.exe
[2013.05.16 15:25:04 | 001,062,472 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\szninstall.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 13:52:34 | 000,055,808 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2015.05.26 13:36:54 | 000,073,896 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
[2015.05.26 13:38:58 | 000,457,384 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
[2015.05.26 13:38:44 | 000,103,080 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe
[2015.05.10 20:17:51 | 000,988,513 | ---- | M] () -- C:\Users\Ilpeva\AppData\Roaming\Wolfenstein - The Old Blood\Uninstall\unins000.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2015.07.25 21:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2014.12.12 19:21:24 | 007,394,584 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015.07.06 09:28:12 | 000,377,000 | ---- | M] (Mozilla Corporation) MD5=1CE7982AA6A983F4C49A32C8D624237B -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015.06.25 19:43:43 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=A7B6589F92C9CB498CDBA42EBEB23EE4 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.07.25 22:22:23 | 000,000,512 | ---- | M] () MD5=E49349C52160A20C754B8A745A5B8A36 -- C:\PhysicalMBR.bin

< >

< *crack* /s >

< *keygen* /s >

< *loader* /s >
[2012.02.07 18:11:22 | 000,008,192 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\_win32sysloader.pyd
[2013.08.27 12:42:52 | 000,005,612 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\deluge-2.3.2_245-py2.6.egg\deluge\httpdownloader.pyc
[2011.07.06 14:32:14 | 000,001,878 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\etc\gtk-2.0\gdk-pixbuf.loaders
[2011.07.06 14:32:14 | 000,014,336 | ---- | M] () -- \Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
[2006.10.26 14:40:34 | 000,057,344 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.dll
[2006.10.26 14:40:34 | 000,005,120 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\coloader.tlb
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\ExtensionLoader.dll
[2015.05.13 08:52:27 | 000,057,592 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2015.05.13 08:52:27 | 000,065,784 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2015.05.13 08:52:27 | 000,073,976 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2015.05.13 08:52:27 | 000,090,872 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Program Files (x86)\Seznam.cz\distribution\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2015.04.17 07:22:56 | 000,072,440 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2015.04.17 07:22:56 | 000,085,336 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2015.04.09 02:58:18 | 000,057,592 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXLoader.dll
[2015.04.09 02:58:18 | 000,065,784 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXLoader64.dll
[2015.04.09 02:58:18 | 000,073,976 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXUpdateLoader.dll
[2015.04.09 02:58:18 | 000,090,872 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{3A2AEB39-D907-4E6C-B841-675A730FE89A}\files\Common\PhysXUpdateLoader64.dll
[2015.05.13 08:52:27 | 000,057,592 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXLoader.dll
[2015.05.13 08:52:27 | 000,065,784 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXLoader64.dll
[2015.05.13 08:52:27 | 000,073,976 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXUpdateLoader.dll
[2015.05.13 08:52:27 | 000,090,872 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\Display.PhysX.{AF1F19C3-CF70-49C5-950B-758A265DB662}\files\Common\PhysXUpdateLoader64.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \Program Files\NVIDIA Corporation\Installer2\installer.{4B166A5D-0E8B-436C-BA66-B379C5EAD079}\NVI2DownloaderExt.DLL
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \ProgramData\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.DLL
[2015.07.14 21:06:43 | 001,176,720 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\GFExperience\ExtensionLoader.dll
[2015.07.14 21:06:54 | 000,916,112 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVDownloader.dll
[2015.07.14 21:05:59 | 000,028,430 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.CFG
[2015.07.14 21:06:55 | 000,828,048 | ---- | M] () -- \Users\All Users\NVIDIA Corporation\GeForce Experience\Update\NVI2\NVI2DownloaderExt.DLL
[2015.07.20 12:31:41 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\3E50\images\loader.gif
[2015.07.20 12:31:11 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\D1C0\images\loader.gif
[2015.07.20 12:31:17 | 000,002,193 | ---- | M] () -- \Users\Ilpeva\AppData\Local\Temp\FA00\images\loader.gif
[2015.07.16 22:41:40 | 000,466,544 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Google\downloader.exe
[2015.05.26 13:37:42 | 000,078,504 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\14059libfoxloader.dll
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\bin\14063libfoxloader-x64.dll
[2015.05.28 07:23:17 | 000,000,165 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2013.01.09 12:41:56 | 000,030,608 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\install\cz.seznam.software.libfoxloader-3.0.0-win32.zip
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\Ilpeva\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2015.03.01 15:04:57 | 000,082,784 | ---- | M] () -- \Windows\assembly\GAC\IALoader\1.7.6223.0__31bf3856ad364e35\IALoader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:36 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_68daf829926cc6a9\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_68c05c919281774d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:38:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_68a2edab92971725\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:11:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_6885643192acd650\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:20:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_68ba756992852e6b\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_695ac552ab919bbb\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_6907efc6abd0db81\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 19:35:00 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_6957a248ab947a6d\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 08:20:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 04:18:31 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 13:03:17 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 07:05:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_696a2894ab871300\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:58:34 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_6945eaeaaba13425\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.12 01:11:48 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.efi.mui_35ee487d
[2015.03.12 01:11:48 | 000,034,752 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winload.exe.mui_3bc5b827
[2015.03.12 01:11:48 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.efi.mui_f412814e
[2015.03.12 01:11:48 | 000,030,136 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013_winresume.exe.mui_ff8b5358
[2015.03.12 01:11:47 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.efi.mui_35ee487d
[2015.03.12 01:11:48 | 000,033,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winload.exe.mui_3bc5b827
[2015.03.12 01:11:48 | 000,029,624 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.efi.mui_f412814e
[2015.03.12 01:11:48 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71_winresume.exe.mui_ff8b5358
[2015.03.12 01:11:56 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2015.03.12 01:11:56 | 000,693,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.efi_75834aa0
[2015.03.12 01:11:56 | 000,619,056 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winload.exe_75835076
[2015.03.12 01:11:57 | 000,616,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.efi_85cd069f
[2015.03.12 01:11:57 | 000,532,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.14 21:36:23 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.13 20:18:36 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 09:05:43 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_d28dabacfdb4dd1a.manifest
[2015.02.03 06:49:45 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_cs-cz_9144f07b13c42013.manifest
[2015.02.03 05:35:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_d49b3bd6fabe7c71.manifest
[2014.12.13 03:58:08 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_d5571c3e13b55aff.manifest
[2015.01.13 00:17:17 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_d53a7a6013cbe180.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.01.16 08:36:33 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_d53c7af413ca142e.manifest
[2015.01.27 07:32:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_cs-cz_91d08fc02cdfefb2.manifest
[2015.01.27 06:02:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_d526db1c13da4c10.manifest
[2015.02.03 07:30:16 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_cs-cz_91d591322cdb6e65.manifest
[2015.02.03 05:54:55 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_d52bdc8e13d5cac3.manifest
[2015.03.17 08:28:02 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_cs-cz_91faa7482cc099d9.manifest
[2015.03.17 07:14:37 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_d550f2a413baf637.manifest
[2015.04.27 22:33:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.04.27 21:23:13 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_d523b26013dd334d.manifest
[2015.05.25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.05.25 20:25:12 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_d505433013f3b9ce.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2015.02.03 05:51:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_b9293c0383618646.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2014.12.12 08:29:00 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_b9e51c6a9c5864d4.manifest
[2015.01.12 05:50:53 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_b9c87a8c9c6eeb55.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.01.27 06:22:06 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_b9b4db489c7d55e5.manifest
[2015.02.03 06:17:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_b9b9dcba9c78d498.manifest
[2015.03.17 07:34:28 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_b9def2d09c5e000c.manifest
[2015.04.27 21:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.05.25 20:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17617_none_0cbc5ca5da0f5573\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:30 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17932_none_0ca1c10dda240617\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:50:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18798_none_0c66c8adda4f651a\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:18:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.21728_none_0d3c29cef3342a85\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.11.30 14:22:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22091_none_0ce95442f3736a4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.04 18:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 07:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.29 03:54:48 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.03.04 12:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.03.17 06:42:28 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23002_none_0d4b8d10f329a1ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 25 črc 2015 22:28
od turquoisefly
OTL Extras logfile created on: 25.7.2015 22:20:36 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ilpeva\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17914)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 62,87% Memory free
8,00 Gb Paging File | 6,21 Gb Available in Paging File | 77,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,14 Gb Total Space | 28,48 Gb Free Space | 11,67% Space Free | Partition Type: NTFS
Drive D: | 687,37 Gb Total Space | 106,76 Gb Free Space | 15,53% Space Free | Partition Type: NTFS
Drive F: | 55,89 Gb Total Space | 14,54 Gb Free Space | 26,01% Space Free | Partition Type: NTFS

Computer Name: ILPEVA-PC | User Name: Ilpeva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01098462-F18A-4D5C-BA8C-05897A955784}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14330F0D-8333-4D1D-AC88-1EAF25299E42}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{22E6BD89-989D-4ED6-93DE-253C576486BC}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C925185-80EB-4FAE-B115-8FCE1A96E5F1}" = lport=139 | protocol=6 | dir=in | app=system |
"{344626C4-F172-4534-9E59-98F699789602}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{3B5DBABF-8E4D-4D80-9A22-BF579903ACB1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{41BB20F1-53F3-4509-AA93-E4EE8E619B4F}" = rport=445 | protocol=6 | dir=out | app=system |
"{49EC3197-E4A4-4F5B-A703-B60651CF2740}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4B41BA76-6E69-4B83-936B-7347F217539D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{51FC1601-587C-4E2F-87A0-ACEFF4D54619}" = rport=138 | protocol=17 | dir=out | app=system |
"{549FC5C9-E41D-4A31-94B8-3037E526C350}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5697B823-9319-4889-890B-9A457A5857B9}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5B1278AF-1DBB-468F-9BC5-D709DAFE6504}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{7825600F-BCBD-414A-8223-0E6A7322FFD3}" = lport=138 | protocol=17 | dir=in | app=system |
"{7BEA3377-9504-43D3-9127-2B65DE4E2AAA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7FF0ECF2-69C0-4614-9392-E7EB2CC591B6}" = rport=10243 | protocol=6 | dir=out | app=system |
"{83583CB7-DE1B-4C64-8543-1E8A9D5996EF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9E0ABBBD-FBBA-4EE4-B820-122A6497861B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{A1F526F2-19A2-4673-BA33-1950181B9DC0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A88A4D5D-AE2F-4CA6-BC66-998554C0242A}" = rport=137 | protocol=17 | dir=out | app=system |
"{AAE55392-B4D6-4EB4-AEF7-6FECA012E67F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{AECEDE81-A2DF-4CEF-95D7-9FAD335A250E}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{CF6A3BF3-6E25-4652-8EFF-73B0B6E75B31}" = rport=139 | protocol=6 | dir=out | app=system |
"{D2E63107-D459-4F5B-8F06-39223CBC65CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D596D379-D5D5-4248-8575-F91CADFCF9E2}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{DD866E0A-D082-4898-AA49-5C715D4E0460}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E80E2F26-5891-4117-B6EB-FA3ED00AC71D}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9ABBA08-D952-465F-9B95-BA334C4C26FD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF00B98E-C21A-470A-A5DC-021CC19731EC}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{F30324F3-6B31-4CD5-BA3A-7602417173FB}" = lport=445 | protocol=6 | dir=in | app=system |
"{F4CBA8AE-D898-4421-A4FE-FE78F32A869C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{017548A9-DE37-4FF1-A7D6-84696DE1FBB1}" = protocol=6 | dir=in | app=c:\users\ilpeva\appdata\roaming\google\downloader.exe |
"{01DC512C-4FD4-46CF-A835-1E8D67E6CF62}" = protocol=6 | dir=in | app=d:\games\might & magic x legacy\might & magic x - legacy\might and magic x legacy.exe |
"{0A386803-449E-4672-9D24-F061A87BAFDA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{12226B57-6134-487A-926D-E94F66788976}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{14AE464B-5A55-4658-B831-F405ED254258}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{161BA74C-76B8-4AFE-A994-F6E80F09F880}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{183868B5-08C4-4239-A34A-A62AF59686B8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1FEE2EF3-E312-4B81-8A11-9718E7819D85}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2F51C401-3655-4D38-B8C5-050462E61BE9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2F884907-4828-4C64-9292-FF877093E132}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A4E12D5-44CC-4A7B-BD33-6B0506CC7936}" = protocol=17 | dir=in | app=c:\users\ilpeva\appdata\roaming\google\downloader.exe |
"{3BA6FBE3-225C-4113-B44D-2CE6BCBD99C7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3ED11A7D-173C-4900-8D94-0E3504EF8D76}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{481B078E-9D5C-41EA-8C6F-BF1319A170AE}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic_online.exe |
"{70D2EA45-512E-4255-979D-D360017B5AD8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{77E63FA8-CB3F-42E8-B551-54742F13A3D1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{802B9C98-CCA5-4E81-93F2-6AB20E36C78F}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic_ds.exe |
"{81B14AB1-0815-461D-85AA-2C89187D970E}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic_online.exe |
"{85B12B05-FD99-4C91-A7E3-DC0293A8FC06}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{86925E3F-36F0-4E75-8395-5121428D14CA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{8AB813C6-5B78-496D-8EEB-D6E65EDB5DAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8B55513C-A4EC-4609-8D6A-CFCC9C1BB980}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8CADCEA2-A3F9-49FA-BC02-19303C652037}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8F410F21-33CB-42C5-AB7E-9C366FD0491A}" = protocol=17 | dir=in | app=d:\games\world in conflict\wic.exe |
"{A3DB1020-70B8-44E1-BB71-BFD2B8FD337E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB0A2289-5BDD-4D3F-82BD-75EBF8369F28}" = protocol=17 | dir=in | app=d:\games\might & magic x legacy\might & magic x - legacy\might and magic x legacy.exe |
"{BCE2A7B0-95A7-4CC8-AE4E-E7F83B427969}" = protocol=17 | dir=in | app=d:\games\xcom\xcom - enemy within\binaries\win32\xcomew.exe |
"{C2C9C20C-3500-47C0-ADAA-0DE299C15301}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CEB1859F-170A-43BD-AB64-C47BF21BAB32}" = protocol=6 | dir=in | app=d:\games\xcom\xcom - enemy within\binaries\win32\xcomew.exe |
"{CF702278-799C-47EC-B7A3-5E1C4A2880A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4F712DF-54B5-4963-8255-F8E152B0FCD9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E72542F4-3A53-430B-B2A5-5D8717253A47}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E8D91A0F-35CD-455F-97D4-6E0125FD5C10}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic.exe |
"{EAE4E3A0-7041-4E6E-B154-FF9E984968B8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ED36527F-0D72-4A03-AD32-5B836F08C323}" = protocol=6 | dir=in | app=d:\games\world in conflict\wic_ds.exe |
"{EEF21C2A-A6D5-45D8-B15D-D85B4FA9AED7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF194D5D-9BCE-41DF-BB92-33A6EC54E5AE}" = protocol=6 | dir=out | app=system |
"TCP Query User{02CC1350-31AB-4B04-9881-AD71B7DC6E52}D:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe" = protocol=6 | dir=in | app=d:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe |
"TCP Query User{1370165F-31ED-49FC-9CF6-1FAF1D7B10BF}D:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe" = protocol=6 | dir=in | app=d:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe |
"TCP Query User{3D9369D5-2079-44A3-8B41-18488250DF34}C:\users\ilpeva\desktop\věci\starcrawlers.exe" = protocol=6 | dir=in | app=c:\users\ilpeva\desktop\věci\starcrawlers.exe |
"TCP Query User{6AD0F684-E384-4A30-95B9-26A8F2839B02}D:\games\grey goo\grey goo\instanceserverg.exe" = protocol=6 | dir=in | app=d:\games\grey goo\grey goo\instanceserverg.exe |
"TCP Query User{7E1991F8-B8C7-40AB-95B0-C7F5517DD39D}D:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=6 | dir=in | app=d:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe |
"TCP Query User{8B549DB8-A556-4E5D-A7FA-0B0034442CB9}D:\games\warhammer\dowar2r\dow2.exe" = protocol=6 | dir=in | app=d:\games\warhammer\dowar2r\dow2.exe |
"TCP Query User{93C390CC-CDAC-4AD0-AF78-F95D72C2D4D2}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{C7047FEA-BE62-475B-8BD1-022206B3F1E0}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"TCP Query User{CB48F589-E34B-4048-9B05-8C862CF017A7}D:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe" = protocol=6 | dir=in | app=d:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe |
"TCP Query User{DB0B7CFA-11BF-4ADD-9849-05FF85BA4B1E}D:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe" = protocol=6 | dir=in | app=d:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe |
"TCP Query User{E1F068E1-6CCE-4394-966B-2C8E59907BB5}D:\games\divinity\divinity original sin\shipping\eocapp.exe" = protocol=6 | dir=in | app=d:\games\divinity\divinity original sin\shipping\eocapp.exe |
"TCP Query User{FDA6EDC6-D782-404B-B863-C1162FBA8561}D:\games\grey goo\grey goo\goog.exe" = protocol=6 | dir=in | app=d:\games\grey goo\grey goo\goog.exe |
"UDP Query User{05207A0F-72BF-49FC-9B91-0D3F9E3C2940}D:\games\grey goo\grey goo\instanceserverg.exe" = protocol=17 | dir=in | app=d:\games\grey goo\grey goo\instanceserverg.exe |
"UDP Query User{15519E8D-B3C4-456D-A6BB-C29391663875}D:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe" = protocol=17 | dir=in | app=d:\games\wolfenstein\wolfenstein.the new order.v 1.0.0.1\wolfneworder_x64.exe |
"UDP Query User{35A2093F-8FEA-4C27-B795-2210F4481111}D:\games\grey goo\grey goo\goog.exe" = protocol=17 | dir=in | app=d:\games\grey goo\grey goo\goog.exe |
"UDP Query User{601AE1A3-C02C-4ECC-BD2F-6BC831F001D4}D:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe" = protocol=17 | dir=in | app=d:\games\wtcher 2\the witcher 2 enhanced edition\bin\witcher2.exe |
"UDP Query User{72656825-96E5-4896-81A9-8C3A20B6BB40}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
"UDP Query User{82B95A0A-2B73-4F03-A0F3-CCF3678E0BEB}D:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe" = protocol=17 | dir=in | app=d:\games\alien - isolation\alien isolation digital deluxe edition\ai.exe |
"UDP Query User{A75C000E-D4C2-4255-8817-FBB085E79448}D:\games\divinity\divinity original sin\shipping\eocapp.exe" = protocol=17 | dir=in | app=d:\games\divinity\divinity original sin\shipping\eocapp.exe |
"UDP Query User{AB161E38-6492-4873-9543-172D481E9071}D:\games\warhammer\dowar2r\dow2.exe" = protocol=17 | dir=in | app=d:\games\warhammer\dowar2r\dow2.exe |
"UDP Query User{B894139D-3EF1-45A1-9644-B257822ABF18}C:\users\ilpeva\desktop\věci\starcrawlers.exe" = protocol=17 | dir=in | app=c:\users\ilpeva\desktop\věci\starcrawlers.exe |
"UDP Query User{C809DB8F-3869-4057-87D2-CAB9E23C474A}D:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe" = protocol=17 | dir=in | app=d:\games\brothers\brothers - a tale of two sons\binaries\win32\brothers.exe |
"UDP Query User{DF60B96F-E94A-4F32-8526-D4BDC5A46FD1}D:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe" = protocol=17 | dir=in | app=d:\games\murdered - soul suspect\murdered - soul suspect\binaries\win64\murdered.exe |
"UDP Query User{EAFED11D-5C15-48A4-8A1F-749E15DDF483}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.8
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 353.30
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.11.45
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.30
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.71.1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ff39eb65}" = coolsoft
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.6
"{33224466-21HJ-19NB-01C0-41KL5M686AC}_is1" = Warhammer 40000 - Armageddon ver. 1.03
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{34F9B822-7033-30EF-18C1-D999278F8053}" = MonsoonReuvuenue
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{51A7177D-D726-4E65-A816-3DC8778FEC02}_is1" = Act of Aggression
"{51D3E654-AC4F-9DFE-7D55-52D3CB4563E8}_is1" = aktivator-pro-windows-7-ultimate version for Windows
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9490A9E7-B0E9-D9EA-365C-3EE2B532055E}" = ConaveurTApups
"{969FB8EF-38D0-4607-CFDE-397D08A961A3}" = ReplliApp
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-0804-1033-1959-001824147215}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D8844ACB-1A60-463A-BDF5-F820BA353008}_is1" = "Might & Magic X - Legacy"
"{EE377223-72A9-4995-B3B6-8A056CA4CE5D}_is1" = "XCOM - Enemy Within"
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict: Soviet Assault
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"1207664643_is1" = The Witcher 3 - Wild Hunt
"1207666813_is1" = Pillars of Eternity
"1207666873_is1" = This War of Mine
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Alien Isolation Digital Deluxe Edition_is1" = Alien Isolation Digital Deluxe Edition version Alien Isolation Digital Deluxe Edition
"Alternative Look for Triss_is1" = Alternative Look for Triss
"Alternative Look for Yennefer_is1" = Alternative Look for Yennefer
"Avast" = Avast Free Antivirus
"Ballad Heroes - Neutral Gwent Card Set_is1" = Ballad Heroes - Neutral Gwent Card Set
"Beard and Hairstyle Set_is1" = Beard and Hairstyle Set
"BioShock Infinite_is1" = BioShock Infinite
"BitLord" = BitLord 2.3
"Blackguards2_is1" = Blackguards 2
"Brothers - A Tale of Two Sons_is1" = Brothers - A Tale of Two Sons
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dex_is1" = Dex
"Divinity Original Sin_is1" = Divinity Original Sin version 1.0.81.0
"DoWar2R_is1" = DoWar2R
"Elite Crossbow Set_is1" = Elite Crossbow Set
"ENTERPRISE" = Microsoft Office Enterprise 2007
"GOGPACKTHEWITCHER2EE_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Grey Goo_is1" = Grey Goo
"Joe Devers Lone Wolf HD Remastered_is1" = Joe Devers Lone Wolf HD Remastered
"Mozilla Firefox 39.0 (x86 cs)" = Mozilla Firefox 39.0 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Murdered - Soul Suspect_R.G. Mechanics_is1" = Murdered - Soul Suspect
"New Quest - Contract Missing Miners_is1" = New Quest - Contract Missing Miners
"New Quest - Contract: Skellige's Most Wanted_is1" = New Quest - Contract - Skellige's Most Wanted
"New Quest - Fool's Gold_is1" = New Quest - Fool's Gold
"New Quest - Scavenger Hunt: Wolf School Gear_is1" = New Quest - Scavenger Hunt - Wolf School Gear
"New Quest - Where the Cat and Wolf Play..._is1" = New Quest - Where the Cat and Wolf Play...
"Nilfgaardian Armor Set_is1" = Nilfgaardian Armor Set
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Ori and the Blind Forest_is1" = Ori and the Blind Forest
"Pillars of Eternity Kickstarter Item_is1" = Pillars of Eternity Kickstarter Item
"Pillars of Eternity Kickstarter Pet_is1" = Pillars of Eternity Kickstarter Pet
"Q2hpbGRvZkxpZ2h0_is1" = Child of Light
"QmF0bWFuQXJraGFtT3JpZ2lucw==_is1" = Batman Arkham Origins
"RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1" = Deus.Ex.Human.Revolution.Directors.Cut
"RW5kbGVzc0xlZ2VuZA==_is1" = Endless Legend
"SG9tZXdvcmxkUmVtYXN0ZXJlZENvbGxlY3Rpb24=_is1" = Homeworld Remastered Collection
"Sid Meier's Civilization V_is1" = Sid Meier's Civilization V
"Skellige Armor Set_is1" = Skellige Armor Set
"T3JkZXJvZkJhdHRsZVBhY2lmaWM=_is1" = Order of Battle: Pacific
"Temerian Armor Set_is1" = Temerian Armor Set
"The Witcher Adventure Game_is1" = The Witcher Adventure Game v1.0 / RePack by Azaq
"U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1" = Sid Meiers Civilization Beyond Earth
"Valkyria Chronicles_is1" = Valkyria Chronicles
"Wolfenstein - The Old Blood_R.G. Mechanics_is1" = Wolfenstein - The Old Blood
"Wolfenstein.The New Order.v 1.0.0.1_is1" = Wolfenstein.The New Order.v 1.0.0.1

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-417826297-2065636235-3177541415-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SeznamInstall" = Seznam Software

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2.4.2015 9:12:20 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 0:30:22 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 9:53:48 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 17:50:59 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 3.4.2015 18:12:31 | Computer Name = Ilpeva-PC | Source = SideBySide | ID = 16842832
Description = Activation context generation failed for "c:\program files\CCleaner\CCleaner.exe".Error
in manifest or policy file "" on line . A component version required by the application
conflicts with another component version already active. Conflicting components
are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 4.4.2015 2:44:19 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 5.4.2015 10:56:46 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 6.4.2015 10:39:39 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 9.4.2015 8:05:23 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

Error - 10.4.2015 9:36:26 | Computer Name = Ilpeva-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 25.7.2015 14:02:15 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:17 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:20 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:22 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:24 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:26 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:28 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:31 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 14:02:33 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 25.7.2015 15:21:52 | Computer Name = Ilpeva-PC | Source = Disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.


< End of report >

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 10:59
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:
Velikost slozky "C:\Users\Ilpeva\Desktop" je 49140 MB.
To je příliš mnoho, velikost adresáře plocha může brzdit start systému. Udělte nový adresář v C:\Users\Ilpeva, do něhož přesuňte data z plochy (ponechte jen zástupce) a na plochu si dejte kvůli snazšímu přístupu pouze zástupce té složky.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 11:13
od turquoisefly
Děkuji, provedu a kamoše vytahám za tu plochu za uši. :)

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 11:27
od turquoisefly
Log:
Fix result of Farbar Recovery Scan Tool (x64) Version:26-07-2015
Ran by Ilpeva at 2015-07-26 12:26:10 Run:1
Running from C:\Users\Ilpeva\Desktop
Loaded Profiles: Ilpeva (Available Profiles: Ilpeva)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
End
*****************

"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.

==== End of Fixlog 12:26:10 ====

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 12:15
od Rudy
Všechno smazáno. Problém zmizel?

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 15:23
od turquoisefly
Děkujeme, vypadá to, že je vše v pořádku. Jste supr.

Re: 2 PC a sdílený problém - 2. počítač

Napsal: 26 črc 2015 16:10
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz