VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Padanie prehliadača: Your computer is low on memory

https://forum.viry.cz:443/viewtopic.php?t=147578

Stránka 1 z 2

Padanie prehliadača: Your computer is low on memory

Napsal: 13 led 2016 21:51
od kudus
Zrdravím páni.

Pekne prosím o pomoc. Počítač mi vyhadzuje pri surfovaní na nete (uplne simple stránky)nasledujúcu správu a niekedy vyhodí na všetkých stránkach chybovú správu.

YOUR COMPUTER IS LOW ON MEMORY. TO RESTORE ENOUGH MEMORY FOR PROGRAMS TO WORK CORRECTLY SAVE YOUR FILES AND THEN CLOSE OR RESTART ALL OPEN PROGRAMS.

Pritom beží iba Opera, alebo Chrome.

Prikladám RSIT.

Ďakujem za všetky cenné rady.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mareek at 2016-01-13 21:47:46
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 2 GB (3%) free of 61 GB
Total RAM: 3472 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:47:52, on 13. 1. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18124)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\MSI\Super-Charger\Super-Charger.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Nuance\PaperPort\pptd40nt.exe
C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Users\Mareek\AppData\Local\Viber\Viber.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mareek\Desktop\RSIT (1).exe
C:\Program Files\trend micro\Mareek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... oogle.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe -s
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [PPort12reminder] "C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Viber] "C:\Users\Mareek\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: iSCTsysTray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Otvoriť v programe PDF Viewer Plus - res://C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: vw-wi - {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - (no file)
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISCT Always Updated Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: ELSA Auftragsverwaltungs Service (LcSvrAuf) - Volkswagen AG - D:\Instalations\ElsaWin\bin\LcSvrAuf.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSI_SuperCharger - MSI - C:\Program Files\MSI\Super-Charger\ChargeService.exe
O23 - Service: PDFProFiltSrvPP - Nuance Communications, Inc. - C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 10495 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Mareek\AppData\Roaming\Mozilla\Firefox\Profiles\n6318bwb.default

"web2pdfextension@web2pdf.adobedotcom"=D:\Instalations\Acrobat\Browser\WCFirefoxExtn


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.267 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=Doplnok iTunes Detector
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Instalations\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


C:\Program Files\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
nppdf32.SKY

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01 139368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{551A852F-39A6-44A7-9C13-AFBEC9185A9D}]
PlusIEEventHelper Class - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2012-10-01 704664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2012-10-01 1720976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-10-11 145440]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-10-11 180768]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-10-11 189472]
"USB3MON"=C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-05-20 291648]
"Super-Charger"=C:\Program Files\MSI\Super-Charger\Super-Charger.exe [2012-12-21 507016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [2013-01-15 6106184]
"IndexSearch"=C:\Program Files\Nuance\PaperPort\IndexSearch.exe [2010-03-08 46368]
"PaperPort PTD"=C:\Program Files\Nuance\PaperPort\pptd40nt.exe [2010-03-08 29984]
"PPort12reminder"=C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe [2010-02-09 328992]
"PDFHook"=C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe [2010-03-05 636192]
"PDF5 Registry Controller"=C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe [2010-03-05 62752]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20 444904]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11 958576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2009-05-05 222496]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2015-11-04 22790776]
"Viber"=C:\Users\Mareek\AppData\Local\Viber\Viber.exe [2015-11-09 51657424]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-12-08 6602152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrStsMon00]
C:\Program Files\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter4]
C:\Program Files\ControlCenter4\BrCcBoot.exe [2013-12-05 139776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2015-08-13 157968]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-08-01 39408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Mareek\AppData\Local\Viber\Viber.exe [2015-11-09 51657424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.163\SSSCHE~1.EXE [2015-07-31 277920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Mareek^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^VIS-4.6+crack.exe]
C:\Users\Mareek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\VIS-4.6+crack.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
iSCTsysTray.lnk - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-10-11 330240]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-01-13 21:47:46 ----D---- C:\rsit
2016-01-08 00:19:24 ----A---- C:\Windows\system32\FlashPlayerInstaller.exe
2015-12-27 09:12:42 ----D---- C:\11f1d4e14c12489b6c81
2015-12-26 23:47:05 ----D---- C:\e4f72ff078e4dee2dcb1ada2be
2015-12-26 12:02:25 ----D---- C:\435d7e03e53c99252c1d3445
2015-12-25 03:00:26 ----D---- C:\0609726cb4b3d01a686a375b1507b4
2015-12-24 02:47:55 ----D---- C:\45fe79c923b282aef594582f4937
2015-12-23 03:00:17 ----D---- C:\f254ebe7a940ea87d5965f
2015-12-22 20:55:25 ----D---- C:\00834b01ac52e5bb60
2015-12-21 08:43:53 ----D---- C:\a040b1c15577aa16c2
2015-12-21 01:07:52 ----D---- C:\45280a00d892a222add02b24707e
2015-12-20 13:01:46 ----D---- C:\0ed8c23743ea923ebf6d0fd346a49b
2015-12-20 03:00:23 ----D---- C:\2aa6a8fc3325c39893fd91
2015-12-19 13:39:12 ----D---- C:\547eda8b428d004731e74aad17

======List of files/folders modified in the last 1 month======

2016-01-13 21:47:52 ----D---- C:\Program Files\Trend Micro
2016-01-13 21:47:47 ----D---- C:\Windows\Temp
2016-01-13 21:24:21 ----D---- C:\Windows\inf
2016-01-13 21:24:20 ----D---- C:\Windows\debug
2016-01-13 21:24:20 ----D---- C:\Windows
2016-01-13 21:24:09 ----D---- C:\Windows\System32
2016-01-13 21:24:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-01-13 21:23:50 ----D---- C:\Program Files\CCleaner
2016-01-13 21:12:57 ----SHD---- C:\System Volume Information
2016-01-13 21:12:52 ----D---- C:\Windows\system32\catroot2
2016-01-13 21:12:51 ----D---- C:\Windows\winsxs
2016-01-13 21:07:11 ----D---- C:\Users\Mareek\AppData\Roaming\ViberPC
2016-01-13 21:04:13 ----D---- C:\Windows\system32\config
2016-01-13 21:03:16 ----A---- C:\Windows\system32\log.txt
2016-01-13 21:01:15 ----A---- C:\Windows\system32\WPRO_41_2001woem.tmp
2016-01-13 17:02:45 ----D---- C:\Windows\system32\Tasks
2016-01-13 17:02:45 ----D---- C:\Program Files\Opera
2016-01-08 00:19:25 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2015-12-19 20:19:38 ----SHD---- C:\Windows\Installer
2015-12-18 03:00:21 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-05-20 15680]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2012-10-11 3745792]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2012-08-16 17384]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2012-08-16 17384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2013-01-15 2584520]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD.sys [2012-08-16 40896]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 350016]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 793920]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt32.sys [2009-11-18 24664]
R3 MEI;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECI.sys [2012-07-13 55104]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3; \??\C:\Program Files\MSI\Super-Charger\NTIOLib.sys [2012-10-26 14392]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2012-12-26 614624]
R3 StillCam;Still Serial Digital Camera Driver; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]
R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001); C:\Windows\system32\drivers\WPRO_41_2001.sys [2016-01-13 31680]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\Mareek\AppData\Local\Temp\catchme.sys []
S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV32.sys [2009-10-27 105984]
S3 ipadtst;ipadtst; \??\C:\Program Files\MSI\Super-Charger\ipadtst.sys [2012-07-26 13880]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 15872]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2015-06-10 45056]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-05-29 60744]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 583680]
R2 ISCTAgent;ISCT Always Updated Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-08-16 137768]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-14 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-14 279000]
R2 MSI_SuperCharger;MSI_SuperCharger; C:\Program Files\MSI\Super-Charger\ChargeService.exe [2012-12-21 144008]
R2 PDFProFiltSrvPP;PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-03-08 144672]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-01-14 366040]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-08 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 BrYNSvc;BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [2012-06-05 266240]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\system32\IntelCpHeciSvc.exe [2012-10-11 277024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-08-01 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-10 102912]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 627744]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2015-08-13 541968]
S3 LcSvrAuf;ELSA Auftragsverwaltungs Service; D:\Instalations\ElsaWin\bin\LcSvrAuf.exe [2011-12-06 1321472]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [2015-07-31 235696]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-24 149160]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-01 150648]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-08-03 1343400]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 13 led 2016 22:27
od Rudy
Zdravím!
Jak je na tom váš operační systém s legalitou?

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 13 led 2016 22:35
od kudus
Zdravím. :)

Mám windows Ultimate a kúpil som ho originál krabicovú verziu za nekresťanské peniaze. Prečo?

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 17:55
od Rudy
Některé podezřelé oper. systémy prověřujeme. Koneckonců je v našich pravidlech (pokud jste je četl) stanoveno, že problémy s nelegálními OS neřešíme. Udělejte následující sken:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
a klikněte na >Prohledat<. Dejte oba logy.

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 20:37
od kudus
Idem na to.

Prikladám fotku: https://drive.google.com/file/d/0Bxil8d ... sp=sharing

Poprípadne odfotím akúkoľvek časť krabičky.

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 20:46
od Rudy
OK. Potřebuji vidět ten log.

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 20:50
od kudus
OTL logfile created on: 14. 1. 2016 20:40:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mareek\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,39 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 32,47% Memory free
3,82 Gb Paging File | 0,40 Gb Available in Paging File | 10,37% Paging File free
Paging file location(s): c:\pagefile.sys 200 600 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,62 Gb Total Space | 1,11 Gb Free Space | 1,86% Space Free | Partition Type: NTFS
Drive F: | 7,40 Gb Total Space | 7,18 Gb Free Space | 96,99% Space Free | Partition Type: FAT32

Computer Name: WORK_STATION | User Name: Mareek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/01/14 20:38:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mareek\Desktop\OTL.exe
PRC - [2016/01/08 07:26:36 | 000,504,952 | ---- | M] (Opera Software) -- C:\Program Files\Opera\34.0.2036.47\opera_crashreporter.exe
PRC - [2016/01/08 07:26:34 | 000,630,392 | ---- | M] (Opera Software) -- C:\Program Files\Opera\34.0.2036.47\opera.exe
PRC - [2015/12/08 22:53:17 | 000,443,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\GWX\GWX.exe
PRC - [2015/12/08 20:23:58 | 006,602,152 | ---- | M] (Piriform Ltd) -- C:\Program Files\CCleaner\CCleaner.exe
PRC - [2015/12/05 11:13:08 | 000,245,576 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe
PRC - [2015/11/09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\Viber.exe
PRC - [2015/11/04 14:01:00 | 022,790,776 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2013/08/10 02:00:57 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/01/15 13:16:08 | 006,106,184 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
PRC - [2013/01/14 19:29:52 | 000,366,040 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2013/01/14 19:29:52 | 000,279,000 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2013/01/14 19:29:50 | 000,165,336 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/12/21 15:03:42 | 000,144,008 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\ChargeService.exe
PRC - [2012/12/21 15:03:40 | 000,507,016 | ---- | M] (MSI) -- C:\Program Files\MSI\Super-Charger\Super-Charger.exe
PRC - [2012/12/10 13:26:34 | 000,583,680 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2012/08/16 19:36:48 | 000,137,768 | ---- | M] () -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
PRC - [2012/08/16 19:36:26 | 000,316,416 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
PRC - [2012/05/20 17:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010/03/08 23:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 19:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe


========== Modules (No Company Name) ==========

MOD - [2016/01/14 08:36:09 | 001,176,576 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._core_.pyd
MOD - [2016/01/14 08:36:09 | 001,067,008 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._controls_.pyd
MOD - [2016/01/14 08:36:09 | 000,816,128 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._windows_.pyd
MOD - [2016/01/14 08:36:09 | 000,806,400 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._gdi_.pyd
MOD - [2016/01/14 08:36:09 | 000,733,184 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._misc_.pyd
MOD - [2016/01/14 08:36:09 | 000,686,080 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\unicodedata.pyd
MOD - [2016/01/14 08:36:09 | 000,682,496 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\pysqlite2._sqlite.pyd
MOD - [2016/01/14 08:36:09 | 000,525,640 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\windows._lib_cacheinvalidation.pyd
MOD - [2016/01/14 08:36:09 | 000,364,544 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\pythoncom27.dll
MOD - [2016/01/14 08:36:09 | 000,320,512 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32com.shell.shell.pyd
MOD - [2016/01/14 08:36:09 | 000,167,936 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32gui.pyd
MOD - [2016/01/14 08:36:09 | 000,127,488 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\pyexpat.pyd
MOD - [2016/01/14 08:36:09 | 000,123,392 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._wizard.pyd
MOD - [2016/01/14 08:36:09 | 000,119,808 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32file.pyd
MOD - [2016/01/14 08:36:09 | 000,108,544 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32security.pyd
MOD - [2016/01/14 08:36:09 | 000,098,816 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32api.pyd
MOD - [2016/01/14 08:36:09 | 000,079,360 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\usb_ext.pyd
MOD - [2016/01/14 08:36:09 | 000,078,848 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._animate.pyd
MOD - [2016/01/14 08:36:09 | 000,077,312 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\wx._html2.pyd
MOD - [2016/01/14 08:36:09 | 000,038,912 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32inet.pyd
MOD - [2016/01/14 08:36:09 | 000,035,840 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32process.pyd
MOD - [2016/01/14 08:36:09 | 000,025,600 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32pdh.pyd
MOD - [2016/01/14 08:36:09 | 000,024,064 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32pipe.pyd
MOD - [2016/01/14 08:36:09 | 000,022,528 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32ts.pyd
MOD - [2016/01/14 08:36:09 | 000,018,432 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32event.pyd
MOD - [2016/01/14 08:36:09 | 000,017,920 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\thumbnails_ext.pyd
MOD - [2016/01/14 08:36:09 | 000,017,408 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32profile.pyd
MOD - [2016/01/14 08:36:09 | 000,011,264 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\win32crypt.pyd
MOD - [2016/01/14 08:36:09 | 000,010,240 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\select.pyd
MOD - [2016/01/14 08:36:08 | 001,208,320 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_ssl.pyd
MOD - [2016/01/14 08:36:08 | 000,776,704 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_hashlib.pyd
MOD - [2016/01/14 08:36:08 | 000,128,512 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_elementtree.pyd
MOD - [2016/01/14 08:36:08 | 000,110,080 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\PyWinTypes27.dll
MOD - [2016/01/14 08:36:08 | 000,088,064 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_ctypes.pyd
MOD - [2016/01/14 08:36:08 | 000,046,080 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_socket.pyd
MOD - [2016/01/14 08:36:08 | 000,036,864 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_psutil_windows.pyd
MOD - [2016/01/14 08:36:08 | 000,027,136 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_multiprocessing.pyd
MOD - [2016/01/14 08:36:08 | 000,020,480 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\_yappi.pyd
MOD - [2016/01/14 08:36:08 | 000,013,824 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\common.time34.pyd
MOD - [2016/01/14 08:36:08 | 000,007,168 | ---- | M] () -- C:\Users\Mareek\AppData\Local\temp\_MEI39642\hashobjs_ext.pyd
MOD - [2016/01/08 07:26:45 | 061,565,560 | ---- | M] () -- C:\Program Files\Opera\34.0.2036.47\opera.dll
MOD - [2016/01/08 07:26:41 | 001,983,096 | ---- | M] () -- C:\Program Files\Opera\34.0.2036.47\libGLESv2.dll
MOD - [2016/01/08 07:26:40 | 000,081,528 | ---- | M] () -- C:\Program Files\Opera\34.0.2036.47\libEGL.dll
MOD - [2016/01/08 00:19:25 | 016,792,256 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\pepflashplayer32_20_0_0_267.dll
MOD - [2015/12/08 20:25:32 | 000,053,248 | ---- | M] () -- C:\Program Files\CCleaner\Lang\lang-1051.dll
MOD - [2015/11/12 03:01:25 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\672f0c214d9f136d6d471c466149484d\PresentationFramework.ni.dll
MOD - [2015/11/12 03:01:18 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7db5806ac75b14833569b27746d63725\PresentationCore.ni.dll
MOD - [2015/11/12 03:01:16 | 012,935,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\1f91e1eb6dd96423dbe49ef2085ddb21\System.Windows.Forms.ni.dll
MOD - [2015/11/09 11:26:08 | 051,657,424 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\Viber.exe
MOD - [2015/11/09 11:19:32 | 000,389,632 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\imageformats\qsvg.dll
MOD - [2015/11/09 11:19:27 | 000,089,088 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\qfacebook.dll
MOD - [2015/09/29 15:34:24 | 000,425,984 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtLocation\declarative_location.dll
MOD - [2015/09/29 15:26:18 | 000,057,856 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQuick\Layouts\qquicklayoutsplugin.dll
MOD - [2015/09/29 15:25:48 | 000,690,176 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQuick\Controls\qtquickcontrolsplugin.dll
MOD - [2015/09/29 03:04:28 | 000,184,320 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtMultimedia\declarative_multimedia.dll
MOD - [2015/09/29 03:03:32 | 000,065,024 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtPositioning\declarative_positioning.dll
MOD - [2015/09/29 02:58:25 | 000,044,032 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQml\StateMachine\qtqmlstatemachine.dll
MOD - [2015/09/29 02:58:23 | 000,012,288 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQuick\Window.2\windowplugin.dll
MOD - [2015/09/29 02:58:22 | 000,012,288 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQuick.2\qtquick2plugin.dll
MOD - [2015/09/29 02:58:20 | 000,012,288 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\QtQml\Models.2\modelsplugin.dll
MOD - [2015/09/29 02:37:50 | 000,010,240 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\libEGL.dll
MOD - [2015/09/29 02:37:49 | 001,601,536 | ---- | M] () -- C:\Users\Mareek\AppData\Local\Viber\libGLESV2.dll
MOD - [2015/09/09 07:38:16 | 001,650,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\0fa731ea0ae5de79fe1c1ab061d82fd1\System.Drawing.ni.dll
MOD - [2015/08/26 08:44:30 | 000,055,576 | ---- | M] () -- C:\Program Files\CCleaner\branding.dll
MOD - [2015/05/12 22:19:55 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d2acb5226fa8916ef6417139a742a09d\System.Core.ni.dll
MOD - [2015/05/12 22:19:54 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8115eb34e0d122591c2a9595cfff225e\WindowsBase.ni.dll
MOD - [2014/10/14 22:01:41 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014/10/14 22:01:40 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\7971f3a1c08c4043cf981f457855b4d4\PresentationFramework.Aero.ni.dll
MOD - [2014/10/14 22:01:33 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014/02/12 03:01:56 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2012/10/11 00:27:30 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2012/10/01 19:33:02 | 006,522,480 | ---- | M] () -- C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
MOD - [2010/03/15 10:28:24 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- D:\Instalations\ElsaWin\bin\LcSvrAuf.exe -- (LcSvrAuf)
SRV - [2016/01/08 00:19:26 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015/12/12 18:27:29 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015/09/24 00:17:28 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015/07/31 15:42:02 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe -- (McComponentHostService)
SRV - [2015/07/22 18:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2013/08/03 02:00:28 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/27 05:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/14 19:29:52 | 000,366,040 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2013/01/14 19:29:52 | 000,279,000 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2013/01/14 19:29:50 | 000,165,336 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/12/21 15:03:42 | 000,144,008 | ---- | M] (MSI) [Auto | Running] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2012/12/10 13:26:48 | 000,627,744 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV - [2012/12/10 13:26:34 | 000,583,680 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012/10/11 00:27:46 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/08/16 19:36:48 | 000,137,768 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Stopped] -- C:\Program Files\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2010/03/10 13:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/03/08 23:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTIOLib.sys -- (NTIOLib_1_0_C)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Mareek\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2016/01/14 08:35:59 | 000,031,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV - [2015/06/11 18:15:04 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/10/26 08:59:46 | 000,014,392 | ---- | M] (MSI) [Kernel | On_Demand | Running] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2012/08/16 19:31:28 | 000,040,896 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ISCTD.sys -- (ISCT)
DRV - [2012/08/16 19:31:28 | 000,017,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\imsevent.sys -- (imsevent)
DRV - [2012/08/16 19:31:26 | 000,017,384 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ikbevent.sys -- (ikbevent)
DRV - [2012/07/26 09:14:46 | 000,013,880 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Super-Charger\ipadtst.sys -- (ipadtst)
DRV - [2012/07/13 03:56:32 | 000,055,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2012/05/20 17:25:32 | 000,793,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV - [2012/05/20 17:25:32 | 000,350,016 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub)
DRV - [2012/05/20 17:25:32 | 000,015,680 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2010/11/20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009/11/18 00:12:00 | 000,024,664 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\MBfilt32.sys -- (MBfilt)
DRV - [2009/10/27 03:01:06 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HtcVComV32.sys -- (HtcVCom32)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... IM_enSK547
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.3
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: D:\Instalations\Acrobat\Air\nppdf32.dll File not found
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Instalations\Acrobat\Browser\WCFirefoxExtn
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/09/24 00:17:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 40.0.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2015/09/24 00:17:24 | 000,000,000 | ---D | M]

[2013/08/02 00:14:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareek\AppData\Roaming\Mozilla\Extensions
[2015/09/25 08:08:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mareek\AppData\Roaming\Mozilla\Firefox\Profiles\n6318bwb.default\extensions
[2015/09/24 00:17:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015/09/24 00:17:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/01 19:33:44 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.1_1\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\Mareek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2015/09/21 22:04:54 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Adobe Acrobat Create PDF Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000..\Run: [Viber] C:\Users\Mareek\AppData\Local\Viber\Viber.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] C:\Windows\System32\SPReview\SPReview.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Otvoriť v programe PDF Viewer Plus - C:\Program Files\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7420D44-C3D8-4FBA-A14B-08872965AE11}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\vw-wi - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/02/22 01:26:14 | 000,000,000 | ---D | M] - C:\Auto-diagnostika -- [ NTFS ]
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/10/16 19:34:32 | 000,000,031 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016/01/14 20:38:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mareek\Desktop\OTL.exe
[2016/01/13 21:47:46 | 000,000,000 | ---D | C] -- C:\rsit
[2016/01/13 21:32:38 | 001,721,856 | ---- | C] (Farbar) -- C:\Users\Mareek\Desktop\FRST.exe
[2016/01/13 21:13:15 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/01/13 21:13:15 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/01/13 21:13:15 | 000,341,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/01/13 21:13:15 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/01/13 21:13:15 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/01/13 21:13:15 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/01/13 21:13:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/01/13 21:13:14 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/01/13 21:13:14 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/01/13 21:13:14 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/01/13 21:13:14 | 000,687,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/01/13 21:13:14 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/01/13 21:13:14 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/01/13 21:13:14 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/01/13 21:13:14 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/01/13 21:13:13 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/01/13 21:13:13 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/01/13 21:13:13 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/01/13 21:13:13 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/01/13 21:13:12 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/01/13 21:13:12 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/01/13 21:13:11 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/01/13 21:13:11 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/01/13 21:13:10 | 004,610,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/01/13 21:13:05 | 001,230,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/01/13 21:13:05 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016/01/13 21:13:05 | 000,591,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016/01/13 21:13:05 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016/01/13 21:13:05 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016/01/13 21:13:05 | 000,022,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/01/13 21:13:04 | 003,993,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/01/13 21:13:04 | 003,938,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/01/13 21:13:04 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/01/13 21:13:03 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/01/13 21:13:03 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/01/13 21:13:03 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/01/13 21:13:03 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/01/13 21:13:03 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/01/13 21:13:03 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/01/13 21:13:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/01/13 21:13:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/01/13 21:13:03 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/01/13 21:13:02 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/01/13 21:13:02 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2016/01/13 21:13:02 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2016/01/13 21:13:01 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2016/01/13 21:13:01 | 002,386,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016/01/13 21:13:01 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2016/01/13 21:13:01 | 001,568,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVENCOD.DLL
[2016/01/13 21:13:01 | 000,970,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2adec.dll
[2016/01/13 21:13:01 | 000,902,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOD.DLL
[2016/01/13 21:13:01 | 000,829,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPEG2ENC.DLL
[2016/01/13 21:13:01 | 000,815,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMADMOE.DLL
[2016/01/13 21:13:01 | 000,740,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2016/01/13 21:13:01 | 000,739,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2016/01/13 21:13:01 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSDECD.DLL
[2016/01/13 21:13:01 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COLORCNV.DLL
[2016/01/13 21:13:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapistub.dll
[2016/01/13 21:13:01 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
[2016/01/13 21:13:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fixmapi.exe
[2016/01/13 21:13:00 | 002,285,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll
[2016/01/13 21:13:00 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2016/01/13 21:13:00 | 001,325,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOE.DLL
[2016/01/13 21:13:00 | 000,728,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mcmde.dll
[2016/01/13 21:13:00 | 000,665,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVXENCD.DLL
[2016/01/13 21:13:00 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFWMAAEC.DLL
[2016/01/13 21:13:00 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2016/01/13 21:13:00 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\evr.dll
[2016/01/13 21:13:00 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2016/01/13 21:13:00 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVSENCD.DLL
[2016/01/13 21:13:00 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2016/01/13 21:13:00 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SysFxUI.dll
[2016/01/13 21:13:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MPG4DECD.DLL
[2016/01/13 21:13:00 | 000,241,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP43DECD.DLL
[2016/01/13 21:13:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RESAMPLEDMO.DLL
[2016/01/13 21:13:00 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qasf.dll
[2016/01/13 21:13:00 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksproxy.ax
[2016/01/13 21:13:00 | 000,177,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\portcls.sys
[2016/01/13 21:13:00 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VIDRESZR.DLL
[2016/01/13 21:13:00 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2016/01/13 21:13:00 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\drmk.sys
[2016/01/13 21:13:00 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP3DMOD.DLL
[2016/01/13 21:13:00 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
[2016/01/13 21:13:00 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfvdsp.dll
[2016/01/13 21:13:00 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rrinstaller.exe
[2016/01/13 21:13:00 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfpmp.exe
[2016/01/13 21:13:00 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
[2016/01/13 21:13:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mferror.dll
[2016/01/08 00:19:24 | 019,607,232 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2015/12/27 09:12:42 | 000,000,000 | ---D | C] -- C:\11f1d4e14c12489b6c81
[2015/12/26 23:47:05 | 000,000,000 | ---D | C] -- C:\e4f72ff078e4dee2dcb1ada2be
[2015/12/26 12:02:25 | 000,000,000 | ---D | C] -- C:\435d7e03e53c99252c1d3445
[2015/12/25 03:00:26 | 000,000,000 | ---D | C] -- C:\0609726cb4b3d01a686a375b1507b4
[2015/12/24 02:47:55 | 000,000,000 | ---D | C] -- C:\45fe79c923b282aef594582f4937
[2015/12/23 03:00:17 | 000,000,000 | ---D | C] -- C:\f254ebe7a940ea87d5965f
[2015/12/22 20:55:25 | 000,000,000 | ---D | C] -- C:\00834b01ac52e5bb60
[2015/12/21 08:43:53 | 000,000,000 | ---D | C] -- C:\a040b1c15577aa16c2
[2015/12/21 01:07:52 | 000,000,000 | ---D | C] -- C:\45280a00d892a222add02b24707e
[2015/12/20 13:01:46 | 000,000,000 | ---D | C] -- C:\0ed8c23743ea923ebf6d0fd346a49b
[2015/12/20 03:00:23 | 000,000,000 | ---D | C] -- C:\2aa6a8fc3325c39893fd91
[2015/12/19 13:39:12 | 000,000,000 | ---D | C] -- C:\547eda8b428d004731e74aad17
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2016/01/14 20:41:29 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/01/14 20:38:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mareek\Desktop\OTL.exe
[2016/01/14 20:32:42 | 001,205,691 | ---- | M] () -- C:\Users\Mareek\Desktop\image1.JPG
[2016/01/14 20:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/01/14 20:18:00 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/01/14 20:12:02 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/01/14 20:11:13 | 000,020,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/01/14 20:11:13 | 000,020,672 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/01/14 20:05:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/01/14 08:41:08 | 000,654,254 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/01/14 08:41:08 | 000,122,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/01/14 08:36:02 | 003,907,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/01/14 08:35:59 | 000,031,680 | ---- | M] () -- C:\Windows\System32\drivers\WPRO_41_2001.sys
[2016/01/14 08:35:50 | 2730,614,784 | -HS- | M] () -- C:\hiberfil.sys
[2016/01/13 22:20:37 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2016/01/13 21:33:15 | 001,107,968 | ---- | M] () -- C:\Users\Mareek\Desktop\RSIT (1).exe
[2016/01/13 21:32:40 | 001,721,856 | ---- | M] (Farbar) -- C:\Users\Mareek\Desktop\FRST.exe
[2016/01/13 21:26:09 | 001,227,544 | ---- | M] () -- C:\Users\Mareek\Documents\cc_20160113_212605.reg
[2016/01/13 21:23:41 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2016/01/10 00:18:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/01/08 00:19:25 | 000,796,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016/01/08 00:19:25 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016/01/08 00:19:24 | 019,607,232 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2016/01/06 21:25:10 | 001,749,504 | ---- | M] () -- C:\Users\Mareek\Desktop\adwcleaner_5.028.exe
[2015/12/30 19:47:23 | 003,993,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2015/12/30 19:47:23 | 003,938,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2015/12/30 19:41:03 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2015/12/30 19:39:38 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2015/12/30 19:39:32 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2015/12/30 19:39:17 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2015/12/30 19:38:12 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2015/12/30 19:37:35 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2015/12/30 19:37:30 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2015/12/30 18:44:49 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2015/12/30 18:38:31 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2015/12/30 18:30:51 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2015/12/23 23:52:08 | 000,341,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2016/01/14 20:41:29 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/01/14 20:34:00 | 001,205,691 | ---- | C] () -- C:\Users\Mareek\Desktop\image1.JPG
[2016/01/13 21:33:13 | 001,107,968 | ---- | C] () -- C:\Users\Mareek\Desktop\RSIT (1).exe
[2016/01/13 21:26:06 | 001,227,544 | ---- | C] () -- C:\Users\Mareek\Documents\cc_20160113_212605.reg
[2016/01/13 18:23:13 | 001,749,504 | ---- | C] () -- C:\Users\Mareek\Desktop\adwcleaner_5.028.exe
[2015/12/19 13:42:21 | 001,572,588 | ---- | C] () -- C:\Users\Mareek\Desktop\IMG_4276.JPG
[2015/09/21 22:00:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2015/09/21 22:00:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2015/09/21 22:00:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2015/09/21 22:00:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2015/09/21 22:00:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/09/07 10:12:51 | 000,000,000 | ---- | C] () -- C:\Users\Mareek\regbcm
[2013/08/01 22:08:54 | 000,000,036 | ---- | C] () -- C:\Users\Mareek\AppData\Local\housecall.guid.cache

========== ZeroAccess Check ==========

[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/08/06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/09/07 11:43:11 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2015/01/16 21:13:05 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ControlCenter4
[2013/09/08 19:23:25 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ESET
[2013/12/14 22:18:05 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\GHISLER
[2013/08/01 23:57:01 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Nuance
[2015/10/07 20:42:49 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Opera Software
[2013/12/28 04:54:15 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\SolidDocuments
[2015/07/19 21:01:37 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2016/01/14 08:36:14 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ViberPC

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 05:53:46 | 000,032,608 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/08/01 22:02:25 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/08/01 22:02:25 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013/08/24 21:45:46 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2015/07/14 22:11:41 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 02:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe
[2010/11/20 13:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2009/07/14 00:11:26 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BA6E70AA0E6091BC39DE29477D866A77 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_5f7fb206051affbb\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\drivers\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\System32\DriverStore\FileRepository\cdrom.inf_x86_neutral_6381e09675524225\cdrom.sys
[2010/11/20 09:38:10 | 000,108,544 | ---- | M] (Microsoft Corporation) MD5=BE167ED0FDB9C1FA1133953C18D5A6C9 -- C:\Windows\winsxs\x86_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_61b0c5ce02098355\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\erdnt\cache\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: HAL.DLL >
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\System32\hal.dll
[2010/11/20 13:29:53 | 000,194,432 | ---- | M] (Microsoft Corporation) MD5=1BF0D4727FDB437D513CFF8A9359C050 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_ad305c8fb7ec5060\hal.dll
[2009/07/14 02:20:28 | 000,194,640 | ---- | M] (Microsoft Corporation) MD5=9A557EAE64ABAB3BA67A9BB035D24CB9 -- C:\Windows\winsxs\x86_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_aaff48c7bafdccc6\hal.dll

< MD5 for: SCECLI.DLL >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\erdnt\cache\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

< MD5 for: SERVICES.EXE >
[2015/04/13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\erdnt\cache\services.exe
[2015/04/13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\System32\services.exe
[2015/04/13 04:19:24 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=0780A42DBD7D9969F9BF4A19AA4285B5 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_d1614ac32b8ec5cf\services.exe
[2009/07/14 02:14:36 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=5F1B6A9C35D3D5CA72D6D6FDEF9747D6 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2015/04/11 04:53:55 | 000,259,072 | ---- | M] (Microsoft Corporation) MD5=97981140500E86E5BBAD7B76BA890146 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_d1d9ee0844ba1cc2\services.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\erdnt\cache\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe

< MD5 for: TCPIP.SYS >
[2011/04/25 05:56:06 | 001,286,016 | ---- | M] (Microsoft Corporation) MD5=0158D5E9982E9D6A90DFC802F618E130 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16802_none_b347f075c77b9c9d\tcpip.sys
[2011/04/25 05:31:30 | 001,290,624 | ---- | M] (Microsoft Corporation) MD5=24326784DF8F3D5F5BBB9F878CE33C14 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_b52f4dc5c4a121e0\tcpip.sys
[2009/07/14 02:19:10 | 001,285,712 | ---- | M] (Microsoft Corporation) MD5=2CC3D75488ABD3EC628BBB9A4FC84EFC -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_b2f46875c7b9d667\tcpip.sys
[2013/01/03 06:01:49 | 001,303,912 | ---- | M] (Microsoft Corporation) MD5=34AE5CC0C7417AB701C2AA8A7BC75417 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.21415_none_b3c99dece09ecc3b\tcpip.sys
[2010/11/20 13:30:12 | 001,290,112 | ---- | M] (Microsoft Corporation) MD5=37E8FA3779668837CA9E2C36D2415949 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_b5257c3dc4a85a01\tcpip.sys
[2013/01/04 05:56:23 | 001,308,504 | ---- | M] (Microsoft Corporation) MD5=4A95845C5F33A4DDEB6AEF6367FB6520 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22209_none_b5becc06ddb98192\tcpip.sys
[2013/07/06 06:05:35 | 001,293,760 | ---- | M] (Microsoft Corporation) MD5=4E8B9BE71B807B3BAEDB7F4243F85E3C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_b52f2f65c4a146e5\tcpip.sys
[2013/07/06 05:57:37 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=528F7CC60391DD0FAB0344F32F051FDF -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_b5721e2eddf328f9\tcpip.sys
[2014/04/05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\erdnt\cache\tcpip.sys
[2014/04/05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\System32\drivers\tcpip.sys
[2014/04/05 03:25:01 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=5579DD18546999F5D0EC39D018726C6B -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_b513c4dfc4b513b9\tcpip.sys
[2013/05/08 07:15:22 | 001,309,032 | ---- | M] (Microsoft Corporation) MD5=6088D01FAD49729EA0A5A3D9B9BA8B84 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22319_none_b5b3fe00ddc19aaa\tcpip.sys
[2013/09/07 03:06:48 | 001,309,120 | ---- | M] (Microsoft Corporation) MD5=6C4F3D92764FFA22D28061A4D9235446 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_b58e8eb0ddde6cf1\tcpip.sys
[2011/04/25 07:31:09 | 001,301,376 | ---- | M] (Microsoft Corporation) MD5=6D4728CFF2724FF3A4654971D61D0F1C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_b5ad1a5addc7c444\tcpip.sys
[2013/01/03 06:05:20 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=7C0507D2391AF5933600CBCED799F277 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18042_none_b502eb9fc4c2a304\tcpip.sys
[2011/04/25 05:44:18 | 001,298,816 | ---- | M] (Microsoft Corporation) MD5=8861B9A06BA99C6E1D62D0C86DFAB86C -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.20951_none_b39a7d5ae0c2aec5\tcpip.sys
[2013/01/04 05:55:21 | 001,287,528 | ---- | M] (Microsoft Corporation) MD5=BBCEAEFF1FD72A026F827CBB2F4AA8AD -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.17206_none_b34bcf71c7782cb0\tcpip.sys
[2013/09/08 03:07:12 | 001,294,272 | ---- | M] (Microsoft Corporation) MD5=CA59F7C570AF70BC174F477CFE2D9EE3 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_b4fa2013c4c8ebf1\tcpip.sys
[2013/05/08 06:38:00 | 001,293,672 | ---- | M] (Microsoft Corporation) MD5=D32FDAC73FCD76B85389C39BC1087F2A -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18148_none_b508ef41c4bd3835\tcpip.sys
[2012/10/03 17:44:01 | 001,308,040 | ---- | M] (Microsoft Corporation) MD5=D490DD0A91B4EAC3B4EE08D11EE37C31 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_b5a428d6ddce3d9a\tcpip.sys
[2013/11/26 12:07:37 | 001,309,632 | ---- | M] (Microsoft Corporation) MD5=DC08335B30D83FB61E9EFE6FDD09D40D -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22525_none_b5a530b8ddcd4b8d\tcpip.sys
[2012/10/03 17:58:30 | 001,293,680 | ---- | M] (Microsoft Corporation) MD5=E23A56F843E2AEBBB209D0ACCA73C640 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_b4ef7439c4d0da52\tcpip.sys
[2014/04/05 03:16:21 | 001,310,144 | ---- | M] (Microsoft Corporation) MD5=EA47AB18E289333AB94397D77CA6E3A1 -- C:\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_b59293a4dddacc9b\tcpip.sys

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 20:50
od kudus
< MD5 for: USERINIT.EXE >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\erdnt\cache\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2014/07/16 03:56:14 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=4F37B93C14AEE313BEC52A23AFB15C2E -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_7224b2134c7555fa\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\erdnt\cache\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\System32\winlogon.exe
[2014/07/17 02:39:27 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=52449FD429D6053B78AE564DEF303870 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_71a5e34e334f9d18\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2014/03/04 10:17:02 | 000,304,128 | ---- | M] (Microsoft Corporation) MD5=998507B046BA314CE8245364C686FA67 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_71da23b23327143c\winlogon.exe
[2014/03/04 11:39:02 | 000,304,640 | ---- | M] (Microsoft Corporation) MD5=D53972F87D850CD2EB4B29B60CAFDD77 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_7255f1994c4f8119\winlogon.exe

< >

< %systemroot%*.* /U /s >
[7 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\18a35f5517367856b2baf22a8eae6b86\*.tmp files -> C:\Windows\SoftwareDistribution\Download\18a35f5517367856b2baf22a8eae6b86\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\68a932b7d968000f163a56fce4f1c00f\*.tmp files -> C:\Windows\SoftwareDistribution\Download\68a932b7d968000f163a56fce4f1c00f\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015/07/19 21:01:24 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Adobe
[2015/09/04 16:45:47 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Apple Computer
[2014/05/23 20:39:26 | 000,000,000 | R--D | M] -- C:\Users\Mareek\AppData\Roaming\Brother
[2013/09/07 11:43:11 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
[2015/01/16 21:13:05 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ControlCenter4
[2013/09/07 11:14:04 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Corel
[2013/09/08 19:23:25 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ESET
[2013/08/02 00:03:23 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\FLEXnet
[2013/12/14 22:18:05 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\GHISLER
[2014/09/16 21:32:03 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Google
[2013/08/01 21:49:33 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Identities
[2013/08/01 23:57:42 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\InstallShield
[2013/08/24 21:45:46 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Macromedia
[2009/07/14 08:48:45 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Media Center Programs
[2015/09/29 20:38:35 | 000,000,000 | --SD | M] -- C:\Users\Mareek\AppData\Roaming\Microsoft
[2013/08/02 00:14:13 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Mozilla
[2013/08/01 23:57:01 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Nuance
[2015/10/07 20:42:49 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\Opera Software
[2013/12/28 04:54:15 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\SolidDocuments
[2015/07/19 21:01:37 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2016/01/14 08:36:14 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\ViberPC
[2013/09/07 09:58:11 | 000,000,000 | ---D | M] -- C:\Users\Mareek\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2016/01/10 00:18:00 | 000,000,892 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
[2016/01/14 20:22:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/01/14 20:12:02 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016/01/14 20:18:00 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >
[2016/01/14 08:35:59 | 000,031,680 | ---- | M] () -- C:\Windows\system32\drivers\WPRO_41_2001.sys

< %systemroot%\system32\*.* /3 >
[2016/01/14 20:11:13 | 000,020,672 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/01/14 20:11:13 | 000,020,672 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/01/14 08:36:02 | 003,907,584 | ---- | M] () -- C:\Windows\system32\FNTCACHE.DAT
[2016/01/14 08:38:00 | 000,000,018 | ---- | M] () -- C:\Windows\system32\log.txt
[2016/01/13 23:45:23 | 141,317,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MRT.exe
[2016/01/14 08:41:08 | 000,122,126 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016/01/14 08:41:08 | 000,654,254 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016/01/14 08:41:08 | 000,782,470 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"ISUSPM" = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler -- [2009/05/05 15:06:06 | 000,222,496 | ---- | M] (Acresso Corporation)
"GoogleDriveSync" = "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart -- [2015/11/04 14:01:00 | 022,790,776 | ---- | M] (Google)
"Viber" = "C:\Users\Mareek\AppData\Local\Viber\Viber.exe" StartMinimized -- [2015/11/09 11:26:08 | 051,657,424 | ---- | M] ()
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR -- [2015/12/08 20:23:58 | 006,602,152 | ---- | M] (Piriform Ltd)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2015/09/24 00:17:28 | 000,377,000 | ---- | M] (Mozilla Corporation) MD5=05299546F243159CB8A42906ACB219A8 -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2015/12/23 23:52:08 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=0E5C2FBD4CF9CB08DCDA586247195FF2 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016/01/13 15:59:49 | 000,748,872 | ---- | M] (Google Inc.) MD5=1F07A805A9BFC89DE1F612CB1C4ABE4C -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016/01/14 20:41:29 | 000,000,512 | ---- | M] () MD5=B0455B96B8CBB4A1F94BF202F69B28DE -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2013/09/07 09:54:45 | 000,000,953 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 3.93 pln verze CZ x86 a x64 + CRACK\WinRAR 3.93 pln verze CZ x86 a x64 + CRACK.lnk
[2013/09/07 09:54:45 | 000,000,953 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\WinRAR 3.93 pln verze CZ x86 a x64 + CRACK\WinRAR 3.93 pln verze CZ x86 a x64 + CRACK.lnk
[2015/02/22 00:48:07 | 002,581,504 | ---- | M] () -- \Users\Mareek\Downloads\VIS-4.6+crack.exe
[2015/02/22 00:48:07 | 002,581,504 | ---- | M] () -- \Windows\pss\VIS-4.6+crack.exe.Startup

< *keygen* /s >
[2008/09/01 07:31:33 | 001,171,456 | ---- | M] () -- \Auto-diagnostika\VIS KEYGEN all.exe
[2009/02/01 14:51:40 | 000,000,222 | ---- | M] () -- \Auto-diagnostika\viS KEYGEN.TXT
[2008/09/01 07:31:33 | 001,171,456 | ---- | M] () -- \Auto-diagnostika\VIS-keygen-all\VIS KEYGEN all.exe
[2009/02/01 14:51:40 | 000,000,222 | ---- | M] () -- \Auto-diagnostika\VIS-keygen-all\viS KEYGEN.TXT
[2012/03/14 14:52:06 | 000,088,576 | ---- | M] () -- \Program Files\AutoComSoft\Auto-diagnostika\Crack\Vis 4.5 Keygen.exe
[2013/12/18 20:41:20 | 000,128,275 | ---- | M] () -- \Users\Mareek\Downloads\ELSA_Keygen.rar
[2015/02/22 01:06:01 | 045,987,856 | ---- | M] () -- \Users\Mareek\Downloads\VIS-keygen-all.rar
[2012/03/14 15:52:04 | 000,088,576 | ---- | M] () -- \Users\Mareek\Downloads\ADOBE ILUSTRATOR\vis crack\Vis 4.5 Keygen.exe

< *loader* /s >
[2012/02/22 22:11:56 | 000,078,336 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/22 22:11:56 | 000,155,136 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/22 22:11:56 | 000,117,248 | ---- | M] () -- \Program Files\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2015/05/15 15:27:10 | 000,060,712 | ---- | M] () -- \Program Files\Common Files\Apple\Apple Application Support\YSLoader.exe
[2008/07/30 09:06:58 | 000,072,192 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.dll
[2008/07/29 02:43:16 | 000,004,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VS7DEBUG\coloader80.tlb
[2012/10/01 19:30:04 | 000,268,384 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2012/10/01 19:30:04 | 000,019,048 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2010/03/08 23:35:00 | 000,036,128 | ---- | M] () -- \Program Files\Nuance\PaperPort\AppDomainLoader.dll
[2008/02/25 07:05:22 | 000,856,064 | ---- | M] () -- \Program Files\The KMPlayer\ImLoader.dll
[2010/03/15 10:28:24 | 000,045,056 | ---- | M] () -- \Program Files\WinRAR\RarExtLoader.exe
[2016/01/14 08:36:08 | 000,008,192 | ---- | M] () -- \Users\Mareek\AppData\Local\temp\_MEI39642\_win32sysloader.pyd
[2014/02/12 03:05:51 | 000,017,408 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\bf1fece0f8125c1fe7bb0f6bb90642c2\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/02/12 03:05:51 | 000,000,796 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.O29577370#\bf1fece0f8125c1fe7bb0f6bb90642c2\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2013/08/01 23:18:03 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.CLRLoader.dll
[2015/12/30 20:30:42 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_cs-cz_35d241d4746a5560.manifest
[2015/12/30 20:30:57 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_da-dk_d30c21fb6ab0515f.manifest
[2015/12/30 20:29:15 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_de-de_d037b7376c86a5f9.manifest
[2015/12/30 20:30:34 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_el-gr_78cde4ca5b9c0e87.manifest
[2015/12/30 20:33:09 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_es-es_78f3ea145b8ba363.manifest
[2015/12/30 20:31:11 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_fi-fi_180eeec150a5958d.manifest
[2015/12/30 20:29:10 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_fr-fr_1bab60134e5db9c5.manifest
[2015/12/30 20:32:15 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_hu-hu_631be05b32bd88e1.manifest
[2015/12/30 20:32:04 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_it-it_05d3565a258f9f43.manifest
[2015/12/30 20:32:22 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ja-jp_a7f8d56718aab11e.manifest
[2015/12/30 20:32:10 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ko-kr_4b62b21c0b1b7834.manifest
[2015/12/30 20:29:23 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_nb-no_33f53350e340a3f0.manifest
[2015/12/30 20:32:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_nl-nl_32347e8ee46cadc5.manifest
[2015/12/30 20:33:33 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pl-pl_7870d910c98f1b79.manifest
[2015/12/30 20:32:47 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pt-br_7ac4c3b4c818af5d.manifest
[2015/12/30 20:31:48 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pt-pt_7ba69320c7881f39.manifest
[2015/12/30 20:32:40 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ru-ru_c249a4e4ac69ad65.manifest
[2015/12/30 20:33:01 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_sv-se_5e448f59a392b7c0.manifest
[2015/12/30 20:32:08 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_tr-tr_0751d9a0924eb9b1.manifest
[2015/12/30 20:32:13 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-cn_d8aef79e42868bd0.manifest
[2015/12/30 20:25:52 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-hk_d759f02c4361fe60.manifest
[2015/12/30 20:32:03 | 000,002,883 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-tw_dcab34f43ff76840.manifest
[2015/12/30 20:29:29 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_cs-cz_43c518c0af870abc.manifest
[2015/12/30 20:30:55 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_da-dk_e0fef8e7a5cd06bb.manifest
[2015/12/30 20:28:43 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_de-de_de2a8e23a7a35b55.manifest
[2015/12/30 20:30:34 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_el-gr_86c0bbb696b8c3e3.manifest
[2015/12/30 19:59:47 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_en-us_871b641c9681671a.manifest
[2015/12/30 20:32:24 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_es-es_86e6c10096a858bf.manifest
[2015/12/30 20:31:09 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_fi-fi_2601c5ad8bc24ae9.manifest
[2015/12/30 20:28:38 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_fr-fr_299e36ff897a6f21.manifest
[2015/12/30 20:31:27 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_hu-hu_710eb7476dda3e3d.manifest
[2015/12/30 20:31:12 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_it-it_13c62d4660ac549f.manifest
[2015/12/30 20:31:46 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ja-jp_b5ebac5353c7667a.manifest
[2015/12/30 20:31:33 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ko-kr_5955890846382d90.manifest
[2015/12/30 20:29:22 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_nb-no_41e80a3d1e5d594c.manifest
[2015/12/30 20:31:02 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_nl-nl_4027557b1f896321.manifest
[2015/12/30 20:32:48 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pl-pl_8663affd04abd0d5.manifest
[2015/12/30 20:32:01 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pt-br_88b79aa1033564b9.manifest
[2015/12/30 20:30:45 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_pt-pt_89996a0d02a4d495.manifest
[2015/12/30 20:31:50 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_ru-ru_d03c7bd0e78662c1.manifest
[2015/12/30 20:32:13 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_sv-se_6c376645deaf6d1c.manifest
[2015/12/30 20:31:13 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_tr-tr_1544b08ccd6b6f0d.manifest
[2015/12/30 20:31:41 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-cn_e6a1ce8a7da3412c.manifest
[2015/12/30 20:25:52 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-hk_e54cc7187e7eb3bc.manifest
[2015/12/30 20:31:28 | 000,002,886 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_zh-tw_ea9e0be07b141d9c.manifest
[2015/12/30 20:23:50 | 000,004,249 | ---- | M] () -- \Windows\SoftwareDistribution\Download\9e86d2061add70a5ffb0eccd7befde3c\x86_microsoft-windows-e..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_427e620ce1f818bf.manifest
[2015/05/09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[1 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2009/07/14 05:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2015/10/13 21:56:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9.manifest
[2015/10/13 21:56:49 | 000,033,216 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9_winload.exe.mui_3bc5b827
[2015/10/13 21:56:49 | 000,029,632 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9_winresume.exe.mui_ff8b5358
[2015/10/13 21:56:49 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2015/10/13 21:56:49 | 000,521,384 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe_winload.exe_75835076
[2015/10/13 21:56:49 | 000,455,752 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe_winresume.exe_85cd1215
[2009/07/14 03:17:38 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 03:17:38 | 000,017,472 | ---- | M] () -- \Windows\winsxs\Backup\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23_spldr.sys_98bd87a0
[2015/05/12 22:23:10 | 000,000,612 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009/07/14 03:29:12 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_en-us_766f102945576be4.manifest
[2014/07/08 22:41:53 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18526_en-us_78973dd1424c57be.manifest
[2015/02/03 04:16:42 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18741_en-us_787ca05342610b3b.manifest
[2015/08/04 18:52:22 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.18950_en-us_7870d3e9426a0823.manifest
[2015/10/01 18:55:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.19021_en-us_78921c19425100e9.manifest
[2014/07/08 22:41:44 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22736_en-us_79160c965b7210a0.manifest
[2014/12/13 02:50:09 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22908_en-us_793880ba5b57e9c9.manifest
[2015/01/12 23:09:31 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22921_en-us_791bdedc5b6e704a.manifest
[2015/01/16 07:23:55 | 000,002,777 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_en-us_791ddf705b6ca2f8.manifest
[2015/01/27 04:33:20 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22943_en-us_79083f985b7cdada.manifest
[2015/02/03 04:36:49 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22948_en-us_790d410a5b78598d.manifest
[2015/03/17 05:50:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23002_en-us_793257205b5d8501.manifest
[2015/04/27 20:04:39 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_en-us_790516dc5b7fc217.manifest
[2015/05/25 19:11:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_en-us_78e6a7ac5b964898.manifest
[2015/07/15 04:04:54 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_en-us_7920ba565b6a1f66.manifest
[2015/07/15 18:54:31 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_en-us_7915ea6a5b723b57.manifest
[2015/07/23 01:02:46 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_en-us_790719565b7df1ec.manifest
[2015/08/04 18:57:08 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23153_en-us_78fd49b45b852734.manifest
[2015/09/28 21:20:57 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23223_en-us_791dbb5e5b6cd088.manifest
[2015/10/01 18:48:34 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23226_en-us_7920bc3c5b6a1c8d.manifest
[2015/10/20 01:51:59 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23250_en-us_78fa4abc5b87d856.manifest
[2015/12/30 20:00:24 | 000,002,883 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23313_en-us_79288d305b64b1be.manifest
[2009/07/14 02:47:46 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16385_none_5afd1055cdfa75b9.manifest
[2009/08/19 08:38:48 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.16411_none_5b44c087cdc549ed.manifest
[2009/08/19 08:21:21 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7600.20509_none_5be12f8ee6d3987e.manifest
[2010/11/20 04:02:40 | 000,004,225 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_5d2e241dcae8f953.manifest
[2014/08/19 04:02:10 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18574_none_5ced2dcdcb19ba9a.manifest
[2015/02/03 04:32:58 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18741_none_5d0aa07fcb041510.manifest
[2015/08/04 19:12:04 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.18950_none_5cfed415cb0d11f8.manifest
[2015/10/01 19:21:33 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.19021_none_5d201c45caf40abe.manifest
[2014/08/19 04:09:35 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22780_none_5d67fb6ae4430e20.manifest
[2014/12/12 07:03:57 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22908_none_5dc680e6e3faf39e.manifest
[2015/01/12 04:35:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22921_none_5da9df08e4117a1f.manifest
[2015/01/14 07:45:13 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_5dabdf9ce40faccd.manifest
[2015/01/27 04:51:15 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22943_none_5d963fc4e41fe4af.manifest
[2015/02/03 04:54:42 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22948_none_5d9b4136e41b6362.manifest
[2015/03/17 06:06:11 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23002_none_5dc0574ce4008ed6.manifest
[2015/04/27 20:17:27 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_5d931708e422cbec.manifest
[2015/05/25 19:35:55 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_5d74a7d8e439526d.manifest
[2015/07/15 04:25:32 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_5daeba82e40d293b.manifest
[2015/07/15 19:16:39 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_5da3ea96e415452c.manifest
[2015/07/23 01:23:37 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_5d951982e420fbc1.manifest
[2015/08/04 19:18:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23153_none_5d8b49e0e4283109.manifest
[2015/09/28 21:46:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23223_none_5dabbb8ae40fda5d.manifest
[2015/10/01 19:05:19 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23226_none_5daebc68e40d2662.manifest
[2015/10/20 02:15:07 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23250_none_5d884ae8e42ae22b.manifest
[2015/12/30 20:23:44 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23313_none_5db68d5ce407bb93.manifest
[2009/07/14 02:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2009/07/14 02:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 02:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:45:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17135_none_0abe3b21dcfb1c4b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17206_none_0adfad15dce1def6\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:48:05 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21335_none_0b47d9d2f618b93c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:39:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21416_none_0b5e7bdaf60797d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:40:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.17965_none_0c845227da39a5ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 02:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 04:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/10/04 17:29:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22125_none_0d3906c4f3370937\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 05:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/01/04 05:43:16 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22209_none_0d52a9aaf32333d8\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 06:53:29 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/03/04 11:35:49 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 03:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 06:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 20:50
od kudus
OTL Extras logfile created on: 14. 1. 2016 20:40:07 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mareek\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18163)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

3,39 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 32,47% Memory free
3,82 Gb Paging File | 0,40 Gb Available in Paging File | 10,37% Paging File free
Paging file location(s): c:\pagefile.sys 200 600 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 59,62 Gb Total Space | 1,11 Gb Free Space | 1,86% Space Free | Partition Type: NTFS
Drive F: | 7,40 Gb Total Space | 7,18 Gb Free Space | 96,99% Space Free | Partition Type: FAT32

Computer Name: WORK_STATION | User Name: Mareek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = OperaStable] -- C:\Program Files\Opera\Launcher.exe (Opera Software)

[HKEY_USERS\S-1-5-21-3781076814-2093129730-4001187080-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\launcher.exe" -noautoupdate -- "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8A951578-5B78-4AC4-BB94-BAE172233E04}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\google\chrome\application\chrome.exe |
"{8B98FFD3-F56B-4939-B056-66D15B3CA61E}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{8E35E31F-C330-4D05-BCFF-6E884A0E60E5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{E47F445F-CC76-4FFE-942C-94EBCCCA03E9}" = lport=135 | protocol=6 | dir=in | name=elsawinrpc |
"{E5170A74-7947-43F5-B476-8F8507E07196}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040F2FD5-A188-4447-900E-D0EA4065B45E}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{1B1050A0-F431-40DA-83F2-F557E5A17F3F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{1D5FBB8E-C746-4661-AA8B-B1BE65869209}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{37390FCF-1EA4-4194-A44D-E60F97BD51D1}" = dir=in | app=c:\users\mareek\appdata\local\viber\viber.exe |
"{3CB6CF78-3F03-421C-9D60-86AFE49F778A}" = protocol=6 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{4C601190-106C-4E92-90DF-0D578E977DC9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{53952215-3B09-4CDC-858E-BA6BA57B02F6}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{6A831246-EE34-4D12-8DF7-25BFA2121DFB}" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"{726D9069-068E-4E48-B3F8-C188B299652A}" = protocol=17 | dir=in | app=c:\program files\brother\brmfl10f\faxrx.exe |
"{79B8E486-3D06-41E8-96E6-AD01FB1DE3D5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9099BCC0-BCCC-4A67-85D8-4FB9FF2A7DE8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{AE2E00D6-A7E9-4C8B-83A2-0AE5E4CADABA}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{E31E5BA0-6E4C-45A1-942C-FD0A914BFAC1}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{E7D56AD3-BB17-4C2A-A128-D42671B6B51D}" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{D95CEB4D-CE58-4DF0-AE26-CDD4EFC0F41F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{2F94DA7D-F311-4A73-9C85-3072C88F1149}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{0084B0C3-F376-42E3-804A-885D249282BD}" = CorelDRAW Graphics Suite X6 - IPM
"{025E78AC-BD91-4E9E-B165-3C09D4084BA4}" = iTunes
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}" = Google Drive
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{25D69CEE-3EE2-47FD-9A0E-5013240EC953}" = CorelDRAW Graphics Suite X6 - Common
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{318FF3D7-0C40-483B-AF92-AF36416B0AC6}" = CorelDRAW Graphics Suite X6 - Writing Tools
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite MFC-7360N
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{4903D172-DCCB-392F-93A3-34CA9D47FE3D}" = Microsoft .NET Framework 4.5.1
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}" = CorelDRAW Graphics Suite X6 - Setup Files
"{538227C6-C74B-4A74-99E1-2C0B4F9DA5E1}" = Apple Mobile Device Support
"{579CA850-B2C3-43F3-A3F6-3A0AE42E8225}" = CorelDRAW Graphics Suite X6 - FontNav
"{5BAB5EF3-BFD8-414D-AADF-CCDD849888CB}" = Auto-diagnostika
"{603C6570-2BA1-4FC6-8735-7EFA6D1F6F61}" = CorelDRAW Graphics Suite X6 - Custom Data
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{62BEC144-7029-4BF4-B3F2-FA231FB9F84B}" = CorelDRAW Graphics Suite X6 - Redist
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{68C5B650-B0B1-422F-8451-DFE6BFFB8571}" = Intel® Trusted Connect Service Client
"{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}" = PaperPort Image Printer
"{6F53FB68-6620-423E-B7CD-B8205655B421}" = CorelDRAW Graphics Suite X6 - PHOTO-PAINT
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{74FA94F1-9566-4252-9372-E7EAFFEFE209}" = CorelDRAW Graphics Suite X6 - Capture
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7A2FF332-E4F6-4D87-9EBD-EDFF1216490F}" = CorelDRAW Graphics Suite X6 - Filters
"{7CCD75BD-5528-4FE1-90D2-392D661A2BF1}" = CorelDRAW Graphics Suite X6 - VSTA
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{7F9F6864-8CAB-440C-AF44-030D0135666D}" = CorelDRAW Graphics Suite X6
"{7FE25256-B7C1-480D-B736-10A67A833AEA}" = Podpora Apple aplikácií (32-bit)
"{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1" = Winki
"{879E2460-18F9-48F2-B736-4E814A699504}" = CorelDRAW Graphics Suite X6 - VBA
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A4315D0-7814-4528-A805-058C5B442475}" = CorelDRAW Graphics Suite X6 - CZ
"{90120000-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x86)
"{90150000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-0000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-0000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-0000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-0000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-0000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-0000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-0000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-0000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-0000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-0000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-0000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00E1-0409-0000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-0000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-0000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-0000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium
"{AC76BA86-1033-FFFF-7760-000000000006}" = Adobe Acrobat XI Pro
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{B502C03B-9BC5-490F-89BB-8A53F843F454}" = Intel(R) Smart Connect Technology 3.0 x86
"{B92076C0-C5FE-4DB1-AA8D-855430CDF098}" = Corel Graphics - Windows Shell Extension
"{BAB89D31-4C55-472B-8909-6CBE2CC276B1}" = Microsoft Visual Basic for Applications 7.1 (x86) English
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C5262276-0075-498B-B80F-7D997482E4DB}" = CorelDRAW Graphics Suite X6 - Draw
"{D4A17D31-2F7B-4682-AD57-467021452909}" = CorelDRAW Graphics Suite X6 - Photozoom Plugin
"{D4EFC6B7-3DA5-400D-9682-9BE287A5440E}" = CorelDRAW Graphics Suite X6 - Connect
"{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}" = Nuance PaperPort 12
"{DDFEB503-D662-4224-82C9-37A5698FDC25}" = CorelDRAW Graphics Suite X6 - VideoBrowser
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide(R) Viewer ActiveX Control Release 6.5
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player NPAPI" = Adobe Flash Player 20 NPAPI
"Adobe Flash Player PPAPI" = Adobe Flash Player 20 PPAPI
"CCleaner" = CCleaner
"Google Chrome" = Google Chrome
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 40.0.3 (x86 sk)" = Mozilla Firefox 40.0.3 (x86 sk)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"Opera 34.0.2036.47" = Opera Stable 34.0.2036.47
"The KMPlayer" = The KMPlayer (remove only)
"WinRAR archiver" = WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3781076814-2093129730-4001187080-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Viber" = Viber

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 14. 1. 2016 4:01:01 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5007

Error - 14. 1. 2016 4:01:02 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14. 1. 2016 4:01:02 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6006

Error - 14. 1. 2016 4:01:02 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006

Error - 14. 1. 2016 4:01:03 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14. 1. 2016 4:01:03 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004

Error - 14. 1. 2016 4:01:03 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004

Error - 14. 1. 2016 4:01:04 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 14. 1. 2016 4:01:04 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8003

Error - 14. 1. 2016 4:01:04 | Computer Name = work_station | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8003

[ System Events ]
Error - 13. 1. 2016 12:22:45 | Computer Name = work_station | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 13. 1. 2016 13:57:47 | Computer Name = work_station | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 4.5.2 for Windows 7 (KB2901983).

Error - 13. 1. 2016 16:01:15 | Computer Name = work_station | Source = Service Control Manager | ID = 7000
Description = The ELSA Administration Service service failed to start due to the
following error: %%2

Error - 13. 1. 2016 16:01:15 | Computer Name = work_station | Source = Service Control Manager | ID = 7000
Description = The ELSA DBA Server service failed to start due to the following error:
%%2

Error - 13. 1. 2016 16:01:15 | Computer Name = work_station | Source = Service Control Manager | ID = 7000
Description = The ELSA Historie Server service failed to start due to the following
error: %%2

Error - 13. 1. 2016 16:01:15 | Computer Name = work_station | Source = Service Control Manager | ID = 7000
Description = The ELSA PASS Server service failed to start due to the following
error: %%2

Error - 13. 1. 2016 16:01:15 | Computer Name = work_station | Source = Service Control Manager | ID = 7000
Description = The ELSA APOSpro Server service failed to start due to the following
error: %%2

Error - 13. 1. 2016 16:12:57 | Computer Name = work_station | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 13. 1. 2016 18:45:18 | Computer Name = work_station | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 4.5.2 for Windows 7 (KB2901983).

Error - 14. 1. 2016 15:16:18 | Computer Name = work_station | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.


< End of report >

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 21:53
od Rudy
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text:
:OTL
SRV - [2015/07/31 15:42:02 | 000,235,696 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe -- (McComponentHostService)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\NTIOLib.sys -- (NTIOLib_1_0_C)
DRV - File not found [Kernel | On_Demand | Stopped] -- E:\CDriver.sys -- (MSICDSetup)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... urceid=ie7
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-3781076814-2093129730-4001187080-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchT ... IM_enSK547
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
O32 - AutoRun File - [2012/10/16 19:34:32 | 000,000,031 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]

:files
C:\Program Files\McAfee Security Scan
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 22:10
od kudus
Nech sa páči:

All processes killed
========== OTL ==========
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!
C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe moved successfully.
Service NTIOLib_1_0_C stopped successfully!
Service NTIOLib_1_0_C deleted successfully!
File E:\NTIOLib.sys not found.
Service MSICDSetup stopped successfully!
Service MSICDSetup deleted successfully!
File E:\CDriver.sys not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_USERS\S-1-5-21-3781076814-2093129730-4001187080-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-3781076814-2093129730-4001187080-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
F:\autorun.inf moved successfully.
========== FILES ==========
C:\Program Files\McAfee Security Scan\3.11.163\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.11.163 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56475 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mareek
->Temp folder emptied: 39181367 bytes
->Temporary Internet Files folder emptied: 1117598 bytes
->FireFox cache emptied: 10751286 bytes
->Flash cache emptied: 521 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 86976 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2325381 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 3592704 bytes

Total Files Cleaned = 54,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Mareek
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 01142016_220758

Files\Folders moved on Reboot...
C:\Windows\System32\WPRO_41_2001woem.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 22:32
od Rudy
Smazáno. Nastala nějaká změna?

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 22:39
od kudus
Otestujem a dám vedieť. :)))

Co tam podľa Vás bolo?

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 14 led 2016 22:41
od Rudy
OK. Byly tam převážně zbytečnosti a pár AdWarů.

Re: Padanie prehliadača: Your computer is low on memory

Napsal: 16 led 2016 16:30
od kudus
Ďakujeeeeem veeeľmi pekne pane Rudy! :))

Bomba! Všetko fičí ako má :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz