000000002544 Čas na roztočení ploten
Znovu CrystalDiskInfo
ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall
Vyčisti systém CCleanerem
Stáhni si OTC
na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.
Co problémy?
Prosím o kontrolu logi z HJT Vyřešeno
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logi z HJT
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logi z HJT
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2017/02/25 6:14:39
-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HL-DT-ST DVDRAM GSA-H42N ATA Device
- ATA Channel 1 (1) [ATA]
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
- ATA Channel 2 (2) [ATA]
+ ATA Channel 3 (3) [ATA]
- SAMSUNG HD154UI ATA Device
+ ATA Channel 4 (4) [ATA]
- KINGSTON SV300S37A120G ATA Device
- ATA Channel 5 (5) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) KINGSTON SV300S37A120G : 120,0 GB [0/6/0, pd1] - sf
(2) SAMSUNG HD154UI : 1500,3 GB [1/5/0, pd1]
----------------------------------------------------------------------------
(1) KINGSTON SV300S37A120G
----------------------------------------------------------------------------
Model : KINGSTON SV300S37A120G
Firmware : 600ABBF0
Serial Number : 50026B775112A91B
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 3123 hod.
Power On Count : 920 krát
Host Reads : 3275 GB
Host Writes : 2032 GB
Temperature : 26 C (78 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 _95 _95 _50 00000000442761 Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 _97 _97 __0 09DB7000000C33 Power-on Hours
0C 100 100 __0 00000000000398 Power Cycle Count
AB 100 100 __0 00000000000000 Program Fail Count
AC 100 100 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000029 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000063 Wear Range Delta
B5 100 100 __0 00000000000000 Program Fail Count
B6 100 100 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
BD _26 _42 __0 000010002A001A Specifický pro výrobce
C2 _26 _42 __0 000010002A001A Temperature
C3 120 120 __0 00000000442761 On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 120 120 __0 00000000442761 Uncorrectable Soft Read Error Rate
CC 120 120 __0 00000000442761 Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 100 100 _11 00000000000000 SSD Life Left
E9 __0 __0 __0 00000000000E12 Specifický pro výrobce
EA __0 __0 __0 000000000007F0 Specifický pro výrobce
F1 __0 __0 __0 000000000007F0 Lifetime Writes from Host
F2 __0 __0 __0 00000000000CCB Lifetime Reads from Host
F4 _99 _99 _10 0000000BB9002C Specifický pro výrobce
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3530 3032 3642 3737 3531 3132 4139 3142 2020 2020
020: 0000 0000 0004 3630 3041 4242 4630 4B49 4E47 5354
030: 4F4E 2053 5633 3030 5333 3741 3132 3047 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4001 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 0F08
070: 0000 0000 0000 0000 0000 001F 950E 0004 004C 0040
080: 01FC 0110 742B 7569 6163 7429 B449 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0001 4000 0000 5002 6B77
110: 5112 A91B 0000 0000 0000 0000 0000 0000 0000 405A
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0025 0000 0000 4000
210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 4BB0 0DF9 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D1A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 5F 5F 61 27 44 00 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 61 61 33
020: 0C 00 00 70 DB 09 0C 32 00 64 64 98 03 00 00 00
030: 00 00 AB 0A 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AE 30 00 00 00 29
050: 00 00 00 00 00 00 B1 00 00 00 00 63 00 00 00 00
060: 00 00 B5 0A 00 64 64 00 00 00 00 00 00 00 B6 32
070: 00 64 64 00 00 00 00 00 00 00 BB 12 00 64 64 00
080: 00 00 00 00 00 00 BD 00 00 1A 2A 1A 00 2A 00 10
090: 00 00 C2 22 00 1A 2A 1A 00 2A 00 10 00 00 C3 1C
0A0: 00 78 78 61 27 44 00 00 00 00 C4 33 00 64 64 00
0B0: 00 00 00 00 00 00 C9 1C 00 78 78 61 27 44 00 00
0C0: 00 00 CC 1C 00 78 78 61 27 44 00 00 00 00 E6 13
0D0: 00 64 64 64 00 00 00 00 00 00 E7 00 00 64 64 00
0E0: 00 00 00 00 00 00 E9 32 00 00 00 12 0E 00 00 00
0F0: 00 00 EA 32 00 00 00 F0 07 00 00 00 00 00 F1 32
100: 00 00 00 F0 07 00 00 00 00 00 F2 32 00 00 00 CB
110: 0C 00 00 00 00 00 F4 00 00 63 63 2C 00 B9 0B 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7D
170: 03 00 01 00 01 30 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F9
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 00 00 00 00 00 00 00 00 00 05 03
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AE 00 00 00 00 00
050: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
060: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 03 00 00 00 00
0B0: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
0C0: 00 00 CC 00 00 00 00 00 00 00 00 00 00 00 E6 00
0D0: 00 00 00 00 00 00 00 00 00 00 E7 0B 00 00 00 00
0E0: 00 00 00 00 00 00 E9 00 00 00 00 00 00 00 00 00
0F0: 00 00 EA 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 F4 0A 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A0
----------------------------------------------------------------------------
(2) SAMSUNG HD154UI
----------------------------------------------------------------------------
Model : SAMSUNG HD154UI
Firmware : 1AG01118
Serial Number : S1XWJDWZ707888
Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 2930277168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 7768 hod.
Power On Count : 3241 krát
Temperature : 22 C (71 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : E: F: G:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _71 _71 _11 00000000253A Čas na roztočení ploten
04 _95 _95 __0 0000000012C1 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 000000001E58 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000CA9 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _82 _58 __0 0000120F0012 Teplota toku vzduchu
C2 _78 _53 __0 0000160F0016 Teplota
C3 100 100 __0 00000005F888 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5331 5857 4A44 575A 3730 3738 3838 2020 2020 2020
020: 0003 FFFF 0004 3141 4730 3131 3138 5341 4D53 554E
030: 4720 4844 3135 3455 4920 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 7469 BC41 4123 80FF 00A2
090: 00A2 0000 FFFE 0000 FE00 0008 0007 006C 86A0 0001
100: 7B30 AEA8 0000 0000 0064 0000 0000 0000 5002 4E90
110: 03D1 820C 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 96A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 03 07
010: 00 47 47 3A 25 00 00 00 00 00 04 32 00 5F 5F C1
020: 12 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 64 00 00 00 00 00 00 00 08 25
040: 00 64 64 00 00 00 00 00 00 00 09 32 00 62 62 58
050: 1E 00 00 00 00 00 0A 33 00 64 64 00 00 00 00 00
060: 00 00 0B 12 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 A9 0C 00 00 00 00 00 0D 0E 00 64 64 00
080: 00 00 00 00 00 00 B7 32 00 64 64 00 00 00 00 00
090: 00 00 B8 33 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BE 22 00 52 3A 12 00 0F 12 00
0C0: 00 00 C2 22 00 4E 35 16 00 0F 16 00 00 00 C3 1A
0D0: 00 64 64 88 F8 05 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 64 64 00 00 00 00 00 00 00 C8 0A 00 64 64 00
110: 00 00 00 00 00 00 C9 0A 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 71 4C 00 7B
170: 03 00 01 00 02 FF 22 47 01 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 0B
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
090: 00 00 B8 00 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BE 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10
CrystalDiskInfo 7.0.5 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
Date : 2017/02/25 6:14:39
-- Controller Map ----------------------------------------------------------
+ ATA Channel 0 (0) [ATA]
- HL-DT-ST DVDRAM GSA-H42N ATA Device
- ATA Channel 1 (1) [ATA]
- ATA Channel 0 (0) [ATA]
- ATA Channel 1 (1) [ATA]
- ATA Channel 2 (2) [ATA]
+ ATA Channel 3 (3) [ATA]
- SAMSUNG HD154UI ATA Device
+ ATA Channel 4 (4) [ATA]
- KINGSTON SV300S37A120G ATA Device
- ATA Channel 5 (5) [ATA]
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
- ATA Channel 2 (2)
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)
+ PCI Standardní dvoukanálový řadič IDE [ATA]
- ATA Channel 0 (0)
- ATA Channel 1 (1)
-- Disk List ---------------------------------------------------------------
(1) KINGSTON SV300S37A120G : 120,0 GB [0/6/0, pd1] - sf
(2) SAMSUNG HD154UI : 1500,3 GB [1/5/0, pd1]
----------------------------------------------------------------------------
(1) KINGSTON SV300S37A120G
----------------------------------------------------------------------------
Model : KINGSTON SV300S37A120G
Firmware : 600ABBF0
Serial Number : 50026B775112A91B
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ACS-2 Revision 3
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 3123 hod.
Power On Count : 920 krát
Host Reads : 3275 GB
Host Writes : 2032 GB
Temperature : 26 C (78 F)
Health Status : Dobrý (100 %)
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 00FEh [ON]
AAM Level : ----
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr Raw Values (7) Attribute Name
01 _95 _95 _50 00000000442761 Raw Read Error Rate
05 100 100 __3 00000000000000 Retired Block Count
09 _97 _97 __0 09DB7000000C33 Power-on Hours
0C 100 100 __0 00000000000398 Power Cycle Count
AB 100 100 __0 00000000000000 Program Fail Count
AC 100 100 __0 00000000000000 Erase Fail Count
AE __0 __0 __0 00000000000029 Unexpected Power Loss Count
B1 __0 __0 __0 00000000000063 Wear Range Delta
B5 100 100 __0 00000000000000 Program Fail Count
B6 100 100 __0 00000000000000 Erase Fail Count
BB 100 100 __0 00000000000000 Reported Uncorrectable Errors
BD _26 _42 __0 000010002A001A Specifický pro výrobce
C2 _26 _42 __0 000010002A001A Temperature
C3 120 120 __0 00000000442761 On-the-Fly ECC Uncorrectable Error Count
C4 100 100 __3 00000000000000 Reallocation Event Count
C9 120 120 __0 00000000442761 Uncorrectable Soft Read Error Rate
CC 120 120 __0 00000000442761 Soft ECC Correction Rate
E6 100 100 __0 00000000000064 Life Curve Status
E7 100 100 _11 00000000000000 SSD Life Left
E9 __0 __0 __0 00000000000E12 Specifický pro výrobce
EA __0 __0 __0 000000000007F0 Specifický pro výrobce
F1 __0 __0 __0 000000000007F0 Lifetime Writes from Host
F2 __0 __0 __0 00000000000CCB Lifetime Reads from Host
F4 _99 _99 _10 0000000BB9002C Specifický pro výrobce
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3530 3032 3642 3737 3531 3132 4139 3142 2020 2020
020: 0000 0000 0004 3630 3041 4242 4630 4B49 4E47 5354
030: 4F4E 2053 5633 3030 5333 3741 3132 3047 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4001 0200 0200 0007 3FFF 0010 003F FC10 00FB 0101
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 0F08
070: 0000 0000 0000 0000 0000 001F 950E 0004 004C 0040
080: 01FC 0110 742B 7569 6163 7429 B449 6163 407F 0001
090: 0001 00FE FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0001 4000 0000 5002 6B77
110: 5112 A91B 0000 0000 0000 0000 0000 0000 0000 405A
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0025 0000 0000 4000
210: 0000 0000 0100 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 4BB0 0DF9 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D1A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 5F 5F 61 27 44 00 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 00 09 32 00 61 61 33
020: 0C 00 00 70 DB 09 0C 32 00 64 64 98 03 00 00 00
030: 00 00 AB 0A 00 64 64 00 00 00 00 00 00 00 AC 32
040: 00 64 64 00 00 00 00 00 00 00 AE 30 00 00 00 29
050: 00 00 00 00 00 00 B1 00 00 00 00 63 00 00 00 00
060: 00 00 B5 0A 00 64 64 00 00 00 00 00 00 00 B6 32
070: 00 64 64 00 00 00 00 00 00 00 BB 12 00 64 64 00
080: 00 00 00 00 00 00 BD 00 00 1A 2A 1A 00 2A 00 10
090: 00 00 C2 22 00 1A 2A 1A 00 2A 00 10 00 00 C3 1C
0A0: 00 78 78 61 27 44 00 00 00 00 C4 33 00 64 64 00
0B0: 00 00 00 00 00 00 C9 1C 00 78 78 61 27 44 00 00
0C0: 00 00 CC 1C 00 78 78 61 27 44 00 00 00 00 E6 13
0D0: 00 64 64 64 00 00 00 00 00 00 E7 00 00 64 64 00
0E0: 00 00 00 00 00 00 E9 32 00 00 00 12 0E 00 00 00
0F0: 00 00 EA 32 00 00 00 F0 07 00 00 00 00 00 F1 32
100: 00 00 00 F0 07 00 00 00 00 00 F2 32 00 00 00 CB
110: 0C 00 00 00 00 00 F4 00 00 63 63 2C 00 B9 0B 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 7D
170: 03 00 01 00 01 30 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 F9
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 32 00 00 00 00 00 00 00 00 00 00 05 03
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 AB 00 00 00 00 00 00 00 00 00 00 00 AC 00
040: 00 00 00 00 00 00 00 00 00 00 AE 00 00 00 00 00
050: 00 00 00 00 00 00 B1 00 00 00 00 00 00 00 00 00
060: 00 00 B5 00 00 00 00 00 00 00 00 00 00 00 B6 00
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0A0: 00 00 00 00 00 00 00 00 00 00 C4 03 00 00 00 00
0B0: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
0C0: 00 00 CC 00 00 00 00 00 00 00 00 00 00 00 E6 00
0D0: 00 00 00 00 00 00 00 00 00 00 E7 0B 00 00 00 00
0E0: 00 00 00 00 00 00 E9 00 00 00 00 00 00 00 00 00
0F0: 00 00 EA 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 F4 0A 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 A0
----------------------------------------------------------------------------
(2) SAMSUNG HD154UI
----------------------------------------------------------------------------
Model : SAMSUNG HD154UI
Firmware : 1AG01118
Serial Number : S1XWJDWZ707888
Disk Size : 1500,3 GB (8,4/137,4/1500,3/1500,3)
Buffer Size : 32767 KB
Queue Depth : 32
# of Sectors : 2930277168
Rotation Rate : Neznámy údaj
Interface : Serial ATA
Major Version : ATA/ATAPI-7
Minor Version : ATA8-ACS version 3b
Transfer Mode : ---- | SATA/300
Power On Hours : 7768 hod.
Power On Count : 3241 krát
Temperature : 22 C (71 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0000h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : E: F: G:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Počet chyb čtení
03 _71 _71 _11 00000000253A Čas na roztočení ploten
04 _95 _95 __0 0000000012C1 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 100 100 _51 000000000000 Počet chybných hledání
08 100 100 _15 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 000000001E58 Hodin v činnosti
0A 100 100 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _97 _97 __0 000000000CA9 Počet cyklů zapnutí zařízení
0D 100 100 __0 000000000000 Počet pokusů o softvérové opravení chyb při čtení programů z disku
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 __0 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BE _82 _58 __0 0000120F0012 Teplota toku vzduchu
C2 _78 _53 __0 0000160F0016 Teplota
C3 100 100 __0 00000005F888 Počet oprav chybného čtení
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 100 100 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 000000000000 Počet chyb při zápisu sektorů
C9 253 253 __0 000000000000 Počet chyb při čtení programů z disku
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 8856 022A 003F 0000 0000 0000
010: 5331 5857 4A44 575A 3730 3738 3838 2020 2020 2020
020: 0003 FFFF 0004 3141 4730 3131 3138 5341 4D53 554E
030: 4720 4844 3135 3455 4920 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0100
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1706 0000 004C 0040
080: 00F8 0052 746B 7F69 4133 7469 BC41 4123 80FF 00A2
090: 00A2 0000 FFFE 0000 FE00 0008 0007 006C 86A0 0001
100: 7B30 AEA8 0000 0000 0064 0000 0000 0000 5002 4E90
110: 03D1 820C 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 96A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 0F 00 64 64 00 00 00 00 00 00 00 03 07
010: 00 47 47 3A 25 00 00 00 00 00 04 32 00 5F 5F C1
020: 12 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 64 64 00 00 00 00 00 00 00 08 25
040: 00 64 64 00 00 00 00 00 00 00 09 32 00 62 62 58
050: 1E 00 00 00 00 00 0A 33 00 64 64 00 00 00 00 00
060: 00 00 0B 12 00 64 64 00 00 00 00 00 00 00 0C 32
070: 00 61 61 A9 0C 00 00 00 00 00 0D 0E 00 64 64 00
080: 00 00 00 00 00 00 B7 32 00 64 64 00 00 00 00 00
090: 00 00 B8 33 00 64 64 00 00 00 00 00 00 00 BB 32
0A0: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
0B0: 00 00 00 00 00 00 BE 22 00 52 3A 12 00 0F 12 00
0C0: 00 00 C2 22 00 4E 35 16 00 0F 16 00 00 00 C3 1A
0D0: 00 64 64 88 F8 05 00 00 00 00 C4 32 00 64 64 00
0E0: 00 00 00 00 00 00 C5 12 00 64 64 00 00 00 00 00
0F0: 00 00 C6 30 00 64 64 00 00 00 00 00 00 00 C7 3E
100: 00 64 64 00 00 00 00 00 00 00 C8 0A 00 64 64 00
110: 00 00 00 00 00 00 C9 0A 00 FD FD 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 71 4C 00 7B
170: 03 00 01 00 02 FF 22 47 01 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 03 0B
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 33 00 00 00 00 00 00 00 00 00 00 08 0F
040: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
050: 00 00 00 00 00 00 0A 33 00 00 00 00 00 00 00 00
060: 00 00 0B 00 00 00 00 00 00 00 00 00 00 00 0C 00
070: 00 00 00 00 00 00 00 00 00 00 0D 00 00 00 00 00
080: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
090: 00 00 B8 00 00 00 00 00 00 00 00 00 00 00 BB 00
0A0: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
0B0: 00 00 00 00 00 00 BE 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C3 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 00 00 00 00 00
110: 00 00 00 00 00 00 C9 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10
Re: Prosím o kontrolu logi z HJT
Provedeno dle instrukcí. Bohužel pořád stejné. Já to přeinstaluji celé. Díky za čas. Tudy cesta asi nepovede.
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logi z HJT
Ještě počkej..
(2) SAMSUNG HD154UI
000000002544 Čas na roztočení ploten
00000000253A Čas na roztočení ploten
ten disk není OK...
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
(2) SAMSUNG HD154UI
000000002544 Čas na roztočení ploten
00000000253A Čas na roztočení ploten
ten disk není OK...
Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logi z HJT
OTL logfile created on: 25.2.2017 19:55:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,38% Memory free
7,99 Gb Paging File | 5,94 Gb Available in Paging File | 74,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 14,73 Gb Free Space | 13,19% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - F:\Programy\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Buda\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
PRC - C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Origin Web Helper Service) -- G:\Games\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- G:\Games\Origin\OriginClientService.exe (Electronic Arts)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (IBM Corp.)
DRV:64bit: - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (RapportCerberus_1804047) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportAegle64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys (IBM Corp.)
DRV - (AODDriver4.3.0) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\Programy instal\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\.bak
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.02.24 20:54:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [World of Tanks] G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
O4 - HKCU..\Run: [World of Warships] G:\Games\World_of_Warships\WargamingGameUpdater.exe (Wargaming.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.33.112.42 46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E1FBBBC-AB10-4A7E-AD28-5EF9D82BF6A6}: DhcpNameServer = 46.33.112.42 46.33.96.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.02.25 19:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.02.24 21:00:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.02.24 17:36:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2017.02.24 17:35:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2017.02.24 17:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.02.24 17:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.02.24 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Diagnostics
[2017.02.24 15:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2017.02.24 15:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2017.02.24 15:01:02 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\NokiaAccount
[2017.02.23 19:46:03 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\CrashDumps
[2017.02.23 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\VirtualStore
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Temp
[2017.02.23 19:12:18 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.02.23 04:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.02.22 20:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.02.22 20:10:49 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:10:49 | 000,309,784 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:10:49 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:10:49 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.22 20:10:36 | 000,398,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.21 22:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.02.21 22:27:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.02.20 19:37:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2017.02.20 19:36:49 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 19:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.02.20 17:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2017.02.20 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2017.02.15 05:44:25 | 000,000,000 | ---D | C] -- C:\Users\Buda\ansel
[2017.02.14 20:51:17 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.14 20:45:12 | 034,937,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.14 20:45:12 | 019,006,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.14 20:45:12 | 014,674,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.14 20:45:12 | 011,019,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 008,990,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 000,408,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.14 20:45:11 | 028,212,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.14 20:45:11 | 000,153,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.14 20:45:11 | 000,131,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.14 20:45:10 | 000,961,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.14 20:45:10 | 000,912,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.14 20:45:10 | 000,611,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,500,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,170,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.14 20:45:10 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.14 20:45:09 | 001,983,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.14 20:45:09 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.14 20:45:09 | 001,051,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.14 20:45:09 | 000,989,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.14 20:45:09 | 000,687,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,576,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,504,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.14 20:45:09 | 000,425,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.14 20:45:08 | 016,398,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.14 20:45:07 | 013,377,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.14 20:45:07 | 003,627,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.14 20:45:07 | 003,187,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.14 20:45:06 | 011,122,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.14 20:45:06 | 009,305,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
========== Files - Modified Within 30 Days ==========
[2017.02.25 19:49:53 | 000,669,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.02.25 19:49:53 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.02.25 19:49:53 | 000,141,292 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.02.25 19:49:53 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.02.25 19:49:52 | 001,585,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.02.25 19:49:04 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.25 19:49:04 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.25 19:43:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.25 19:43:06 | 3219,259,392 | -HS- | M] () -- C:\hiberfil.sys
[2017.02.25 06:18:15 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.02.24 20:54:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017.02.24 17:31:43 | 000,001,204 | ---- | M] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 20:35:11 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2017.02.23 19:12:17 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | M] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.22 20:11:10 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2017.02.22 20:10:22 | 000,547,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.02.22 20:10:22 | 000,398,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.22 20:10:22 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.148779067046504
[2017.02.22 20:10:22 | 000,162,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017.02.22 20:10:22 | 000,126,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.02.22 20:10:22 | 000,074,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.02.22 20:10:22 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.02.22 20:10:21 | 000,100,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.02.22 20:10:08 | 000,991,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.02.22 20:10:08 | 000,032,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.02.22 20:09:54 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:09:54 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:09:54 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:09:54 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.20 22:16:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 17:49:52 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.16 20:00:56 | 000,281,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2017.02.10 01:52:40 | 040,192,056 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.10 01:52:40 | 035,272,760 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.02.10 01:52:40 | 034,937,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.10 01:52:40 | 028,212,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.10 01:52:40 | 019,110,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2017.02.10 01:52:40 | 019,006,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.10 01:52:40 | 016,510,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2017.02.10 01:52:40 | 016,398,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.10 01:52:40 | 014,674,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.10 01:52:40 | 013,377,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.10 01:52:40 | 011,122,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.10 01:52:40 | 011,019,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 009,305,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2017.02.10 01:52:40 | 008,990,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 004,064,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2017.02.10 01:52:40 | 003,627,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.10 01:52:40 | 003,583,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2017.02.10 01:52:40 | 003,187,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.10 01:52:40 | 001,983,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.10 01:52:40 | 001,589,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.10 01:52:40 | 001,051,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.10 01:52:40 | 000,989,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.10 01:52:40 | 000,961,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.10 01:52:40 | 000,912,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.10 01:52:40 | 000,687,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,611,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,576,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.10 01:52:40 | 000,500,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,492,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2017.02.10 01:52:40 | 000,425,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.10 01:52:40 | 000,408,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.10 01:52:40 | 000,170,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.10 01:52:40 | 000,153,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.10 01:52:40 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.10 01:52:40 | 000,131,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.10 01:52:40 | 000,042,606 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2017.02.10 00:13:14 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2017.02.09 23:57:14 | 006,403,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2017.02.09 23:57:14 | 002,477,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2017.02.09 23:57:12 | 001,764,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2017.02.09 23:57:12 | 000,548,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2017.02.09 23:57:12 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2017.02.09 23:57:12 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2017.02.09 23:57:12 | 000,071,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2017.02.09 23:57:04 | 007,791,217 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2017.02.09 23:39:48 | 000,134,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.03 19:59:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2017.02.24 17:31:43 | 000,001,204 | ---- | C] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 19:34:18 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | C] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.20 17:49:52 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.14 20:45:03 | 040,192,056 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.14 20:45:03 | 035,272,760 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.01.26 01:13:16 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.26 01:12:46 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2016.08.17 19:59:33 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.08.17 19:59:33 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2015.10.29 16:23:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015.07.30 15:06:05 | 001,564,220 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.07.24 14:20:24 | 000,000,180 | ---- | C] () -- C:\Windows\Dimaxis.ini
[2015.04.12 12:20:02 | 000,005,632 | ---- | C] () -- C:\Users\Buda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2016.03.18 19:38:49 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\.mono
[2015.08.22 11:41:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Audacity
[2016.06.13 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\AVAST Software
[2016.02.28 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Battle.net
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\DAEMON Tools Lite
[2015.03.19 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\ESET
[2015.11.04 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\LolClient
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia Suite
[2017.02.05 12:09:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Origin
[2015.11.19 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\PC Suite
[2015.03.27 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Riot Games
[2016.12.01 20:40:48 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Spotify
[2016.04.29 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\TeamViewer
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\uTorrent
[2015.03.20 03:27:44 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Wargaming.net
========== Purity Check ==========
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,38% Memory free
7,99 Gb Paging File | 5,94 Gb Available in Paging File | 74,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 14,73 Gb Free Space | 13,19% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - F:\Programy\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Buda\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
PRC - C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()
MOD - C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\gpuploader_i18n.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Origin Web Helper Service) -- G:\Games\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- G:\Games\Origin\OriginClientService.exe (Electronic Arts)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (IBM Corp.)
DRV:64bit: - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (RapportCerberus_1804047) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportAegle64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys (IBM Corp.)
DRV - (AODDriver4.3.0) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\Programy instal\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\.bak
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.02.24 20:54:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [World of Tanks] G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
O4 - HKCU..\Run: [World of Warships] G:\Games\World_of_Warships\WargamingGameUpdater.exe (Wargaming.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.33.112.42 46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E1FBBBC-AB10-4A7E-AD28-5EF9D82BF6A6}: DhcpNameServer = 46.33.112.42 46.33.96.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.02.25 19:53:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.02.24 21:00:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.02.24 17:36:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2017.02.24 17:35:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2017.02.24 17:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.02.24 17:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.02.24 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Diagnostics
[2017.02.24 15:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2017.02.24 15:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2017.02.24 15:01:02 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\NokiaAccount
[2017.02.23 19:46:03 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\CrashDumps
[2017.02.23 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\VirtualStore
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Temp
[2017.02.23 19:12:18 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.02.23 04:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.02.22 20:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.02.22 20:10:49 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:10:49 | 000,309,784 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:10:49 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:10:49 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.22 20:10:36 | 000,398,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.21 22:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.02.21 22:27:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.02.20 19:37:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2017.02.20 19:36:49 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 19:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.02.20 17:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2017.02.20 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2017.02.15 05:44:25 | 000,000,000 | ---D | C] -- C:\Users\Buda\ansel
[2017.02.14 20:51:17 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.14 20:45:12 | 034,937,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.14 20:45:12 | 019,006,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.14 20:45:12 | 014,674,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.14 20:45:12 | 011,019,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 008,990,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 000,408,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.14 20:45:11 | 028,212,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.14 20:45:11 | 000,153,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.14 20:45:11 | 000,131,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.14 20:45:10 | 000,961,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.14 20:45:10 | 000,912,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.14 20:45:10 | 000,611,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,500,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,170,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.14 20:45:10 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.14 20:45:09 | 001,983,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.14 20:45:09 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.14 20:45:09 | 001,051,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.14 20:45:09 | 000,989,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.14 20:45:09 | 000,687,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,576,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,504,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.14 20:45:09 | 000,425,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.14 20:45:08 | 016,398,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.14 20:45:07 | 013,377,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.14 20:45:07 | 003,627,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.14 20:45:07 | 003,187,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.14 20:45:06 | 011,122,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.14 20:45:06 | 009,305,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
========== Files - Modified Within 30 Days ==========
[2017.02.25 19:49:53 | 000,669,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.02.25 19:49:53 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.02.25 19:49:53 | 000,141,292 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.02.25 19:49:53 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.02.25 19:49:52 | 001,585,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.02.25 19:49:04 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.25 19:49:04 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.25 19:43:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.25 19:43:06 | 3219,259,392 | -HS- | M] () -- C:\hiberfil.sys
[2017.02.25 06:18:15 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.02.24 20:54:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017.02.24 17:31:43 | 000,001,204 | ---- | M] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 20:35:11 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2017.02.23 19:12:17 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | M] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.22 20:11:10 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2017.02.22 20:10:22 | 000,547,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.02.22 20:10:22 | 000,398,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.22 20:10:22 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.148779067046504
[2017.02.22 20:10:22 | 000,162,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017.02.22 20:10:22 | 000,126,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.02.22 20:10:22 | 000,074,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.02.22 20:10:22 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.02.22 20:10:21 | 000,100,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.02.22 20:10:08 | 000,991,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.02.22 20:10:08 | 000,032,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.02.22 20:09:54 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:09:54 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:09:54 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:09:54 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.20 22:16:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 17:49:52 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.16 20:00:56 | 000,281,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2017.02.10 01:52:40 | 040,192,056 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.10 01:52:40 | 035,272,760 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.02.10 01:52:40 | 034,937,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.10 01:52:40 | 028,212,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.10 01:52:40 | 019,110,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2017.02.10 01:52:40 | 019,006,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.10 01:52:40 | 016,510,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2017.02.10 01:52:40 | 016,398,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.10 01:52:40 | 014,674,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.10 01:52:40 | 013,377,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.10 01:52:40 | 011,122,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.10 01:52:40 | 011,019,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 009,305,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2017.02.10 01:52:40 | 008,990,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 004,064,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2017.02.10 01:52:40 | 003,627,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.10 01:52:40 | 003,583,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2017.02.10 01:52:40 | 003,187,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.10 01:52:40 | 001,983,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.10 01:52:40 | 001,589,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.10 01:52:40 | 001,051,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.10 01:52:40 | 000,989,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.10 01:52:40 | 000,961,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.10 01:52:40 | 000,912,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.10 01:52:40 | 000,687,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,611,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,576,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.10 01:52:40 | 000,500,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,492,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2017.02.10 01:52:40 | 000,425,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.10 01:52:40 | 000,408,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.10 01:52:40 | 000,170,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.10 01:52:40 | 000,153,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.10 01:52:40 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.10 01:52:40 | 000,131,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.10 01:52:40 | 000,042,606 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2017.02.10 00:13:14 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2017.02.09 23:57:14 | 006,403,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2017.02.09 23:57:14 | 002,477,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2017.02.09 23:57:12 | 001,764,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2017.02.09 23:57:12 | 000,548,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2017.02.09 23:57:12 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2017.02.09 23:57:12 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2017.02.09 23:57:12 | 000,071,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2017.02.09 23:57:04 | 007,791,217 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2017.02.09 23:39:48 | 000,134,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.03 19:59:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2017.02.24 17:31:43 | 000,001,204 | ---- | C] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 19:34:18 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | C] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.20 17:49:52 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.14 20:45:03 | 040,192,056 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.14 20:45:03 | 035,272,760 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.01.26 01:13:16 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.26 01:12:46 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2016.08.17 19:59:33 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.08.17 19:59:33 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2015.10.29 16:23:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015.07.30 15:06:05 | 001,564,220 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.07.24 14:20:24 | 000,000,180 | ---- | C] () -- C:\Windows\Dimaxis.ini
[2015.04.12 12:20:02 | 000,005,632 | ---- | C] () -- C:\Users\Buda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2016.03.18 19:38:49 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\.mono
[2015.08.22 11:41:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Audacity
[2016.06.13 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\AVAST Software
[2016.02.28 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Battle.net
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\DAEMON Tools Lite
[2015.03.19 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\ESET
[2015.11.04 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\LolClient
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia Suite
[2017.02.05 12:09:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Origin
[2015.11.19 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\PC Suite
[2015.03.27 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Riot Games
[2016.12.01 20:40:48 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Spotify
[2016.04.29 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\TeamViewer
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\uTorrent
[2015.03.20 03:27:44 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Wargaming.net
========== Purity Check ==========
< End of report >
Re: Prosím o kontrolu logi z HJT
OTL Extras logfile created on: 25.2.2017 19:55:26 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,38% Memory free
7,99 Gb Paging File | 5,94 Gb Available in Paging File | 74,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 14,73 Gb Free Space | 13,19% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016DA9F4-8DBD-4790-AA25-51924130B878}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{02052C1B-B2EF-484D-A49F-4FD068DF4BA0}" = rport=445 | protocol=6 | dir=out | app=system |
"{02ACFCF5-F9A9-48B8-9623-D64A9417D424}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{12043105-25E9-4CE4-AD49-0EECDF8153C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{1442A7C8-6809-452E-871B-E859D92894F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{15B11E5F-0C37-40B6-A702-F35BF1E03848}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1C69E569-75F8-4AF6-86A3-175F8384C607}" = lport=2869 | protocol=6 | dir=in | app=system |
"{278B7A85-2C8B-486B-A628-50AB21B9D21E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.561_0\szbrowser.exe |
"{3FD68919-21F8-443C-ABCC-6BDD3332B17E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48640023-4F9A-47E9-85C0-FBA95D4978DA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{4F1F51F8-08D0-4A6E-A9C2-1F6AE143DCE3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{512044B8-92CD-4286-9AE6-6FF1ABC3BCED}" = rport=138 | protocol=17 | dir=out | app=system |
"{53F3F2D8-F4EF-4A30-99DD-32DE6C424CC7}" = lport=137 | protocol=17 | dir=in | app=system |
"{5AFDED01-E6FF-4AA9-88CF-E471EABF0F2C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6208A05C-7A82-4060-B64D-1E575C192CBF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{688ED327-F9F6-4223-B292-0744CF11C8BD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{763D09E0-6314-4F64-BD82-B1162F5F9286}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7691F43D-12D9-44B0-A798-4CDD97754BD3}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A186E93-6594-478B-9859-C0507C8C4DEE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{831EDEAC-2605-4CAB-BE35-40015BFB3F93}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{8651EDAC-B33E-473B-9E2C-7C6B27400D5C}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{908BFDF4-10E9-42F1-9CEB-3E7A829D4724}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A06C27D3-7727-47B7-9AC6-297224CE3E44}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{A82AB6E9-CF26-4D2F-B14C-27C42904BC60}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B72E30D7-4588-4FCB-B74B-C01C42F2BACE}" = lport=138 | protocol=17 | dir=in | app=system |
"{B9B6983C-A807-4EFE-BF09-983ABB1CD1ED}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{D1CD5BD4-BF20-4FD6-8827-BF08CEE592CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB5A0F31-0CE4-4EC3-966F-5604A1C8CF64}" = lport=139 | protocol=6 | dir=in | app=system |
"{E357C0C7-431B-4D46-B98B-CC417DEE3A36}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{FD1D0BD5-3A53-4704-95B6-74958990673D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0347F735-49E7-4AFB-B508-B8A10F5AD5C5}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{04CEEDAC-884E-4C07-BCDA-A414B218EB3C}" = protocol=17 | dir=in | app=f:\games instal\steam\steam.exe |
"{06F4EDEB-8D03-4F4E-B5F4-267C8AA17B18}" = protocol=17 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{0864B2D0-ABE7-4474-B7CE-8E44AB8E76CF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{0A36D320-9A88-49DB-BF8E-09BA606218CD}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\botanicula\botanicula.exe |
"{0BB61AD1-3B1F-4B38-897F-3B1AC4D03E1C}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{0E917514-382E-4780-8C0E-F09452AC8FEA}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{0F5E7A1C-DB9A-453E-A4F3-93936972A930}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16AF28B4-FA68-403F-BB06-0DBDBAD1B85B}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{186E79DC-22AC-4B21-9300-BF9B32D7841A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DAA772A-995F-4C48-AE2A-F6CFEDFABC1A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{21B1A753-CFDA-45DD-86E5-906DBB5C19B5}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{29A94C58-A048-4488-A7F9-98B946723FDA}" = protocol=17 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{37C23DAB-2FB8-43EA-A1E0-07C522803AE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A47AB93-2523-4502-9D24-DA7BCFA3EDC1}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4BBFADE6-C915-4C57-8A5F-33EEFFFC20B0}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4C6B9756-2093-4EE0-B90D-A7F6ED3C945A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CE1DD31-F4C5-46AC-8A7E-631C3F09F514}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4D9F1694-459C-44A7-8580-6635F4A4C9BC}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{4DF0D050-59F0-4143-B8A7-2C70EE56D1A3}" = protocol=6 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{4F9EDFE6-263F-46C5-B37F-9A4D47A0F1A1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{5094B73D-5D15-4562-80C2-05D028B08583}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{51EDD54A-870E-4AF5-AC4C-273D9B35CD88}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5305B478-D75F-4505-B286-D482FDF7FF8D}" = protocol=6 | dir=out | app=system |
"{5502C9F6-03A6-4CCF-B205-33208A8DA491}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{59FBC99A-4F09-492D-9454-10F8B0079E11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5A140158-43BE-4FC1-9D98-40BB79242D09}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{5A3671AA-F4F4-4F1D-A4BC-2515F735918E}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe |
"{6198E264-AAF1-4EA1-AFFB-176C974FF190}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{666D5BAA-D7B6-4566-8BB4-1A9BF7DAC6D9}" = protocol=6 | dir=in | app=f:\games instal\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{6FF4E6ED-D42E-493C-A31E-6F32B70C1B56}" = protocol=6 | dir=in | app=f:\games instal\steam\steam.exe |
"{73E5DD45-0C73-42AE-A630-ED857DB8341A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{753D056B-B482-471B-AAFA-6C7280F5651F}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7A467E27-0F8E-46FC-AE81-8EE83B5583CC}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7ABAE725-5D15-43A8-8FB0-F6EE3C857553}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7E163B80-B097-4CE6-9E63-17DBCD27AB89}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7E783D3F-74F7-4304-B6EF-99B15DCC664C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80C89CE7-9E2E-470D-B061-64E4E81DC8BB}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{82003FFF-E5EC-4D9E-A37D-A347EC31233B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{846F5E2A-AC00-4739-A738-1888B581988B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87763FC8-A3C4-46F2-BB0C-3501EF0DF4A1}" = protocol=17 | dir=in | app=f:\games instal\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{8DA3E57B-BE4C-40AD-A1F9-0BF55768D68C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{92F09C44-0E83-403F-990F-305454A21518}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{95705537-8C5F-4C60-A7AC-F439B6404187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A15FAB13-A3BE-4CDA-9795-93516E173E99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A93A299D-79ED-4011-9419-44E90430FF2B}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{AAB734F8-DEA0-4423-B4F9-E2CEA5F3706E}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{AD58CB2E-29C8-4086-AC9B-B1C12C060BE2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{AD917208-14A5-43D7-A6E8-520200BCFA26}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{AE1A2563-B886-4876-A317-653D26F6FEE3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{AE5770ED-C585-4A1C-8BD4-C08C8E5C9F45}" = dir=in | app=g:\games\world_of_warships\worldofwarships.exe |
"{AE8714C2-14D1-492A-A2E6-6D217DE10DBB}" = protocol=6 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{B4875507-1136-49B0-BBAE-A6DEC169B3A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B93E6044-2D48-446B-AA80-877B4FCAEDB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB1B05F2-5B14-483F-8670-28C86EECB26F}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\botanicula\botanicula.exe |
"{BD0B7B29-811C-4B3F-804B-9E2D9E6E7D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{C288F957-518D-4713-B609-D92B72FBE3E5}" = dir=in | app=g:\games\world_of_warships\wowslauncher.exe |
"{C5492393-21CD-402C-84E6-E45158BD50C6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{D204E719-D461-4FAC-BE0E-30DFD06E0923}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{D455F674-F4BC-4A94-ABDB-646B9AF89A1C}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{D51E10DF-B42C-4823-9493-098ACF5FD47F}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{DC6F0395-882B-4E4E-A52B-B56485C9C5E9}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe |
"{E1F48AAB-6D46-412F-B020-4E79BC6FE358}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3BD680D-BDF6-4F97-8D7C-04403CB7DD33}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{EA060BF9-E629-470A-9EEF-8BC24528E82F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EE6033FC-BFA9-4444-A34E-2D998270751F}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{EF8A64A7-9004-4C40-B390-5C262A406363}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{25406813-9DD6-428B-B623-66C2EE4BA367}G:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{2880B7A9-E1EE-48F7-8E55-84B85E369D68}G:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{659397A6-D713-4545-A9B6-AB924EC74E35}C:\users\buda\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\buda\appdata\roaming\spotify\spotify.exe |
"TCP Query User{8BEC9A05-7AEB-4DE5-AFAC-7878423E3C6E}G:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=g:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{1A4D05AD-5D27-4DB8-963F-A9432A096016}G:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=g:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{558F6C63-741F-4494-B528-8B6D2B5A24D7}G:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{857700B5-456B-442C-AF57-2159CE4CA4D9}G:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{CEA988DC-96C0-450D-938E-B2F415001CFD}C:\users\buda\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\buda\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.3.0.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 369.04
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 23.23.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA Wireless Controller Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.34.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NvNodejs
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NvTelemetry
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NvvHci
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.3.0.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.51.2
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.78
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Steam App 207690" = Botanicula
"VulkanRT1.0.39.1" = Vulkan Run Time Libraries 1.0.39.1
"WinRAR archiver" = WinRAR 5.21 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-0804-1033-1959-001824211354}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}" = Google+ Auto Backup
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EEB605FD-C5F5-4946-90F3-D65C604A9187}" = AMD OverDrive
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Avast Antivirus" = Avast Free Antivirus
"AviSynth" = AviSynth 2.5
"Battle.net" = Battle.net
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.5
"GOGPACKTHEWITCHER2EE_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes of the Storm" = Heroes of the Storm
"League of Legends 3.0.1" = League of Legends
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Picasa 3" = Picasa 3
"Rapport_msi" = Ochrana koncového bodu Trusteer
"SafeZone 3.55.2393.561" = SafeZone Stable 3.55.2393.561
"SpeedFan" = SpeedFan (remove only)
"TeamViewer" = TeamViewer 11
"The KMPlayer" = KMPlayer (remove only)
"Uplay" = Uplay
"Uplay Install 54" = Assassin's Creed III
"uTorrent" = µTorrent
"VLC media player" = VLC media player
"VobSub" = VobSub v2.23 (Remove Only)
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1" = World of Warships
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.12.2016 21:13:23 | Computer Name = Buda-PC | Source = Application Hang | ID = 1002
Description = Program HeroesOfTheStorm_x64.exe verze 0.22.4.49008 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 3cc Čas spuštění: 01d26236b3ca3e5b Čas ukončení: 391 Cesta k aplikaci: G:\Games\Heroes
of the Storm\Heroes of the Storm\Versions\Base49008\HeroesOfTheStorm_x64.exe ID
hlášení:
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = ESENT | ID = 455
Description = Windows (4776) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0004A.log
došlo k chybě -1811.
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 25.2.2017 1:21:55 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (30000 ms).
Error - 25.2.2017 1:21:55 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 25.2.2017 1:21:57 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: EpfwLWF
Error - 25.2.2017 1:21:59 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 25.2.2017 1:21:59 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 25.2.2017 14:43:17 | Computer Name = Buda-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.
Error - 25.2.2017 14:43:17 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 25.2.2017 14:43:49 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (30000 ms).
Error - 25.2.2017 14:43:49 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 25.2.2017 14:43:57 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: EpfwLWF
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,25 Gb Available Physical Memory | 56,38% Memory free
7,99 Gb Paging File | 5,94 Gb Available in Paging File | 74,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 14,73 Gb Free Space | 13,19% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{016DA9F4-8DBD-4790-AA25-51924130B878}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{02052C1B-B2EF-484D-A49F-4FD068DF4BA0}" = rport=445 | protocol=6 | dir=out | app=system |
"{02ACFCF5-F9A9-48B8-9623-D64A9417D424}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{12043105-25E9-4CE4-AD49-0EECDF8153C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{1442A7C8-6809-452E-871B-E859D92894F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{15B11E5F-0C37-40B6-A702-F35BF1E03848}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1C69E569-75F8-4AF6-86A3-175F8384C607}" = lport=2869 | protocol=6 | dir=in | app=system |
"{278B7A85-2C8B-486B-A628-50AB21B9D21E}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\3.55.2393.561_0\szbrowser.exe |
"{3FD68919-21F8-443C-ABCC-6BDD3332B17E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{48640023-4F9A-47E9-85C0-FBA95D4978DA}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{4F1F51F8-08D0-4A6E-A9C2-1F6AE143DCE3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{512044B8-92CD-4286-9AE6-6FF1ABC3BCED}" = rport=138 | protocol=17 | dir=out | app=system |
"{53F3F2D8-F4EF-4A30-99DD-32DE6C424CC7}" = lport=137 | protocol=17 | dir=in | app=system |
"{5AFDED01-E6FF-4AA9-88CF-E471EABF0F2C}" = rport=139 | protocol=6 | dir=out | app=system |
"{6208A05C-7A82-4060-B64D-1E575C192CBF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{688ED327-F9F6-4223-B292-0744CF11C8BD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{763D09E0-6314-4F64-BD82-B1162F5F9286}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7691F43D-12D9-44B0-A798-4CDD97754BD3}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A186E93-6594-478B-9859-C0507C8C4DEE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{831EDEAC-2605-4CAB-BE35-40015BFB3F93}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{8651EDAC-B33E-473B-9E2C-7C6B27400D5C}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{908BFDF4-10E9-42F1-9CEB-3E7A829D4724}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{A06C27D3-7727-47B7-9AC6-297224CE3E44}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{A82AB6E9-CF26-4D2F-B14C-27C42904BC60}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B72E30D7-4588-4FCB-B74B-C01C42F2BACE}" = lport=138 | protocol=17 | dir=in | app=system |
"{B9B6983C-A807-4EFE-BF09-983ABB1CD1ED}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvcontainer\nvcontainer.exe |
"{D1CD5BD4-BF20-4FD6-8827-BF08CEE592CD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DB5A0F31-0CE4-4EC3-966F-5604A1C8CF64}" = lport=139 | protocol=6 | dir=in | app=system |
"{E357C0C7-431B-4D46-B98B-CC417DEE3A36}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{FD1D0BD5-3A53-4704-95B6-74958990673D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0347F735-49E7-4AFB-B508-B8A10F5AD5C5}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{04CEEDAC-884E-4C07-BCDA-A414B218EB3C}" = protocol=17 | dir=in | app=f:\games instal\steam\steam.exe |
"{06F4EDEB-8D03-4F4E-B5F4-267C8AA17B18}" = protocol=17 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{0864B2D0-ABE7-4474-B7CE-8E44AB8E76CF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{0A36D320-9A88-49DB-BF8E-09BA606218CD}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\botanicula\botanicula.exe |
"{0BB61AD1-3B1F-4B38-897F-3B1AC4D03E1C}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{0E917514-382E-4780-8C0E-F09452AC8FEA}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{0F5E7A1C-DB9A-453E-A4F3-93936972A930}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{16AF28B4-FA68-403F-BB06-0DBDBAD1B85B}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{186E79DC-22AC-4B21-9300-BF9B32D7841A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1DAA772A-995F-4C48-AE2A-F6CFEDFABC1A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{21B1A753-CFDA-45DD-86E5-906DBB5C19B5}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{29A94C58-A048-4488-A7F9-98B946723FDA}" = protocol=17 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{37C23DAB-2FB8-43EA-A1E0-07C522803AE4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3A47AB93-2523-4502-9D24-DA7BCFA3EDC1}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4BBFADE6-C915-4C57-8A5F-33EEFFFC20B0}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4C6B9756-2093-4EE0-B90D-A7F6ED3C945A}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4CE1DD31-F4C5-46AC-8A7E-631C3F09F514}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{4D9F1694-459C-44A7-8580-6635F4A4C9BC}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{4DF0D050-59F0-4143-B8A7-2C70EE56D1A3}" = protocol=6 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3mp.exe |
"{4F9EDFE6-263F-46C5-B37F-9A4D47A0F1A1}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{5094B73D-5D15-4562-80C2-05D028B08583}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{51EDD54A-870E-4AF5-AC4C-273D9B35CD88}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5305B478-D75F-4505-B286-D482FDF7FF8D}" = protocol=6 | dir=out | app=system |
"{5502C9F6-03A6-4CCF-B205-33208A8DA491}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{59FBC99A-4F09-492D-9454-10F8B0079E11}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5A140158-43BE-4FC1-9D98-40BB79242D09}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{5A3671AA-F4F4-4F1D-A4BC-2515F735918E}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe |
"{6198E264-AAF1-4EA1-AFFB-176C974FF190}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{666D5BAA-D7B6-4566-8BB4-1A9BF7DAC6D9}" = protocol=6 | dir=in | app=f:\games instal\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{6FF4E6ED-D42E-493C-A31E-6F32B70C1B56}" = protocol=6 | dir=in | app=f:\games instal\steam\steam.exe |
"{73E5DD45-0C73-42AE-A630-ED857DB8341A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{753D056B-B482-471B-AAFA-6C7280F5651F}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7A467E27-0F8E-46FC-AE81-8EE83B5583CC}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7ABAE725-5D15-43A8-8FB0-F6EE3C857553}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{7E163B80-B097-4CE6-9E63-17DBCD27AB89}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{7E783D3F-74F7-4304-B6EF-99B15DCC664C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{80C89CE7-9E2E-470D-B061-64E4E81DC8BB}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{82003FFF-E5EC-4D9E-A37D-A347EC31233B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{846F5E2A-AC00-4739-A738-1888B581988B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{87763FC8-A3C4-46F2-BB0C-3501EF0DF4A1}" = protocol=17 | dir=in | app=f:\games instal\steam\bin\cef\cef.win7\steamwebhelper.exe |
"{8DA3E57B-BE4C-40AD-A1F9-0BF55768D68C}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\studio.exe |
"{92F09C44-0E83-403F-990F-305454A21518}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{95705537-8C5F-4C60-A7AC-F439B6404187}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A15FAB13-A3BE-4CDA-9795-93516E173E99}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A93A299D-79ED-4011-9419-44E90430FF2B}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{AAB734F8-DEA0-4423-B4F9-E2CEA5F3706E}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{AD58CB2E-29C8-4086-AC9B-B1C12C060BE2}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{AD917208-14A5-43D7-A6E8-520200BCFA26}" = protocol=6 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\rm.exe |
"{AE1A2563-B886-4876-A317-653D26F6FEE3}" = protocol=17 | dir=in | app=c:\program files (x86)\pinnacle\studio 15\programs\umi.exe |
"{AE5770ED-C585-4A1C-8BD4-C08C8E5C9F45}" = dir=in | app=g:\games\world_of_warships\worldofwarships.exe |
"{AE8714C2-14D1-492A-A2E6-6D217DE10DBB}" = protocol=6 | dir=in | app=g:\games\ubisoft game launcher\games\assassin's creed iii\ac3sp.exe |
"{B4875507-1136-49B0-BBAE-A6DEC169B3A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B93E6044-2D48-446B-AA80-877B4FCAEDB8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BB1B05F2-5B14-483F-8670-28C86EECB26F}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\botanicula\botanicula.exe |
"{BD0B7B29-811C-4B3F-804B-9E2D9E6E7D5A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{C288F957-518D-4713-B609-D92B72FBE3E5}" = dir=in | app=g:\games\world_of_warships\wowslauncher.exe |
"{C5492393-21CD-402C-84E6-E45158BD50C6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{D204E719-D461-4FAC-BE0E-30DFD06E0923}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{D455F674-F4BC-4A94-ABDB-646B9AF89A1C}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{D51E10DF-B42C-4823-9493-098ACF5FD47F}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{DC6F0395-882B-4E4E-A52B-B56485C9C5E9}" = protocol=6 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2cfg.exe |
"{E1F48AAB-6D46-412F-B020-4E79BC6FE358}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E3BD680D-BDF6-4F97-8D7C-04403CB7DD33}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{EA060BF9-E629-470A-9EEF-8BC24528E82F}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EE6033FC-BFA9-4444-A34E-2D998270751F}" = protocol=17 | dir=in | app=f:\games instal\steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe |
"{EF8A64A7-9004-4C40-B390-5C262A406363}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{25406813-9DD6-428B-B623-66C2EE4BA367}G:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks\worldoftanks.exe |
"TCP Query User{2880B7A9-E1EE-48F7-8E55-84B85E369D68}G:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=g:\games\world_of_tanks\wotlauncher.exe |
"TCP Query User{659397A6-D713-4545-A9B6-AB924EC74E35}C:\users\buda\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\buda\appdata\roaming\spotify\spotify.exe |
"TCP Query User{8BEC9A05-7AEB-4DE5-AFAC-7878423E3C6E}G:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=6 | dir=in | app=g:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{1A4D05AD-5D27-4DB8-963F-A9432A096016}G:\games\hearthstone\hearthstone\hearthstone.exe" = protocol=17 | dir=in | app=g:\games\hearthstone\hearthstone\hearthstone.exe |
"UDP Query User{558F6C63-741F-4494-B528-8B6D2B5A24D7}G:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks\worldoftanks.exe |
"UDP Query User{857700B5-456B-442C-AF57-2159CE4CA4D9}G:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=g:\games\world_of_tanks\wotlauncher.exe |
"UDP Query User{CEA988DC-96C0-450D-938E-B2F415001CFD}C:\users\buda\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\buda\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Ovladače videa společnosti Pinnacle
"{790E02A1-145A-3843-8C13-A4F41C9B48B7}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{A324DC11-FF02-3CE8-9D6F-67EBC006D970}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Ovladač 3D Vision 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Ovladače grafiky 378.66
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 3.3.0.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Ovladač řídící jednotky 3D Vision 369.04
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Systémový software PhysX 9.16.0318
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Aktualizace NVIDIA 23.23.0.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA Wireless Controller Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA Ovladač HD audia 1.3.34.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend" = NVIDIA Backend
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer" = NVIDIA Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem" = NVIDIA LocalSystem Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus" = NVIDIA Message Bus for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService" = NVIDIA NetworkService Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session" = NVIDIA Session Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User" = NVIDIA User Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs" = NvNodejs
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog" = NVIDIA Watchdog Plugin for NvContainer
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry" = NvTelemetry
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer" = NVIDIA Telemetry Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci" = NvvHci
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC" = Nvidia Share
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 3.3.0.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 3.51.2
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Balíček ovladače systému Windows - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0)
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.78
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Steam App 207690" = Botanicula
"VulkanRT1.0.39.1" = Vulkan Run Time Libraries 1.0.39.1
"WinRAR archiver" = WinRAR 5.21 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{1362E602-9625-42D3-B57F-CDA9D26F9DA8}" = Pinnacle Studio 15
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{2300EE96-0A41-4FAB-BD03-989EC44577A0}" = Acronis Disk Director Suite
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AC76BA86-0804-1033-1959-001824211354}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{D4C4A751-F7F3-4DCA-B825-9AC391BFFC3F}" = Google+ Auto Backup
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{EEB605FD-C5F5-4946-90F3-D65C604A9187}" = AMD OverDrive
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Avast Antivirus" = Avast Free Antivirus
"AviSynth" = AviSynth 2.5
"Battle.net" = Battle.net
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.0.5
"GOGPACKTHEWITCHER2EE_is1" = The Witcher 2 - Assassins of Kings Enhanced Edition
"Google Chrome" = Google Chrome
"Hearthstone" = Hearthstone
"Heroes of the Storm" = Heroes of the Storm
"League of Legends 3.0.1" = League of Legends
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Origin" = Origin
"Picasa 3" = Picasa 3
"Rapport_msi" = Ochrana koncového bodu Trusteer
"SafeZone 3.55.2393.561" = SafeZone Stable 3.55.2393.561
"SpeedFan" = SpeedFan (remove only)
"TeamViewer" = TeamViewer 11
"The KMPlayer" = KMPlayer (remove only)
"Uplay" = Uplay
"Uplay Install 54" = Assassin's Creed III
"uTorrent" = µTorrent
"VLC media player" = VLC media player
"VobSub" = VobSub v2.23 (Remove Only)
"XviD MPEG4 Video Codec" = XviD MPEG4 Video Codec (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1" = World of Warships
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 29.12.2016 21:13:23 | Computer Name = Buda-PC | Source = Application Hang | ID = 1002
Description = Program HeroesOfTheStorm_x64.exe verze 0.22.4.49008 přestal spolupracovat
se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID
procesu: 3cc Čas spuštění: 01d26236b3ca3e5b Čas ukončení: 391 Cesta k aplikaci: G:\Games\Heroes
of the Storm\Heroes of the Storm\Versions\Base49008\HeroesOfTheStorm_x64.exe ID
hlášení:
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = ESENT | ID = 455
Description = Windows (4776) Windows: Při otevírání souboru protokolu C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0004A.log
došlo k chybě -1811.
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 9000
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7040
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7042
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 9002
Description =
Error - 11.1.2017 0:12:58 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3029
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3028
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 3058
Description =
Error - 11.1.2017 0:12:59 | Computer Name = Buda-PC | Source = Windows Search Service | ID = 7010
Description =
[ System Events ]
Error - 25.2.2017 1:21:55 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (30000 ms).
Error - 25.2.2017 1:21:55 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 25.2.2017 1:21:57 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: EpfwLWF
Error - 25.2.2017 1:21:59 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7024
Description = Služba Windows Search ukončena s chybou %%-1073473535, specifickou
pro službu.
Error - 25.2.2017 1:21:59 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7031
Description = Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát.
Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error - 25.2.2017 14:43:17 | Computer Name = Buda-PC | Source = Application Popup | ID = 875
Description = Načtení ovladače atksgt.sys je blokováno.
Error - 25.2.2017 14:43:17 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba atksgt neuspěla při spuštění v důsledku následující chyby:
%%1275
Error - 25.2.2017 14:43:49 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Origin Web Helper Service bylo dosaženo
časového limitu (30000 ms).
Error - 25.2.2017 14:43:49 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7000
Description = Služba Origin Web Helper Service neuspěla při spuštění v důsledku
následující chyby: %%1053
Error - 25.2.2017 14:43:57 | Computer Name = Buda-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: EpfwLWF
< End of report >
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logi z HJT
Drive C: | 111,69 Gb Total Space | 14,73 Gb Free Space | 13,19% Space Free | Partition Type: NTFS
Totální nedostatek volného místa na disku!! Něco odinstaluj , smaž. Máš mít nejméně 15-20% volného místa na syst. disku , pro zajištění bezproblémového chodu windows!!
pak nový OTL.
Totální nedostatek volného místa na disku!! Něco odinstaluj , smaž. Máš mít nejméně 15-20% volného místa na syst. disku , pro zajištění bezproblémového chodu windows!!
pak nový OTL.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logi z HJT
Extras log tentokrát nevyjel.
OTL logfile created on: 26.2.2017 12:48:43 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,28% Memory free
7,99 Gb Paging File | 6,18 Gb Available in Paging File | 77,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 43,00 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - F:\Programy\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Origin Web Helper Service) -- G:\Games\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- G:\Games\Origin\OriginClientService.exe (Electronic Arts)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (IBM Corp.)
DRV:64bit: - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (RapportCerberus_1804047) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportAegle64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys (IBM Corp.)
DRV - (AODDriver4.3.0) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\Programy instal\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\.bak
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.02.24 20:54:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [World of Tanks] G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
O4 - HKCU..\Run: [World of Warships] G:\Games\World_of_Warships\WargamingGameUpdater.exe (Wargaming.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.33.112.42 46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E1FBBBC-AB10-4A7E-AD28-5EF9D82BF6A6}: DhcpNameServer = 46.33.112.42 46.33.96.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.02.26 11:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.02.24 21:00:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.02.24 17:36:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2017.02.24 17:35:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2017.02.24 17:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.02.24 17:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.02.24 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Diagnostics
[2017.02.24 15:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2017.02.24 15:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2017.02.24 15:01:02 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\NokiaAccount
[2017.02.23 19:46:03 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\CrashDumps
[2017.02.23 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\VirtualStore
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Temp
[2017.02.23 19:12:18 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.02.23 04:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.02.22 20:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.02.22 20:10:49 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:10:49 | 000,309,784 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:10:49 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:10:49 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.22 20:10:36 | 000,398,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.21 22:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.02.21 22:27:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.02.20 19:37:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2017.02.20 19:36:49 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 19:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.02.20 17:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2017.02.20 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2017.02.15 05:44:25 | 000,000,000 | ---D | C] -- C:\Users\Buda\ansel
[2017.02.14 20:51:17 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.14 20:45:12 | 034,937,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.14 20:45:12 | 019,006,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.14 20:45:12 | 014,674,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.14 20:45:12 | 011,019,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 008,990,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 000,408,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.14 20:45:11 | 028,212,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.14 20:45:11 | 000,153,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.14 20:45:11 | 000,131,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.14 20:45:10 | 000,961,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.14 20:45:10 | 000,912,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.14 20:45:10 | 000,611,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,500,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,170,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.14 20:45:10 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.14 20:45:09 | 001,983,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.14 20:45:09 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.14 20:45:09 | 001,051,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.14 20:45:09 | 000,989,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.14 20:45:09 | 000,687,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,576,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,504,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.14 20:45:09 | 000,425,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.14 20:45:08 | 016,398,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.14 20:45:07 | 013,377,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.14 20:45:07 | 003,627,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.14 20:45:07 | 003,187,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.14 20:45:06 | 011,122,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.14 20:45:06 | 009,305,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
========== Files - Modified Within 30 Days ==========
[2017.02.26 11:41:08 | 001,585,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.02.26 11:41:08 | 000,669,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.02.26 11:41:08 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.02.26 11:41:08 | 000,141,292 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.02.26 11:41:08 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.02.26 11:39:24 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.26 11:39:24 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.26 11:33:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.26 11:33:34 | 3219,259,392 | -HS- | M] () -- C:\hiberfil.sys
[2017.02.25 06:18:15 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.02.24 20:54:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017.02.24 17:31:43 | 000,001,204 | ---- | M] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 20:35:11 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2017.02.23 19:12:17 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | M] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.22 20:11:10 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2017.02.22 20:10:22 | 000,547,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.02.22 20:10:22 | 000,398,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.22 20:10:22 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.148779067046504
[2017.02.22 20:10:22 | 000,162,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017.02.22 20:10:22 | 000,126,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.02.22 20:10:22 | 000,074,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.02.22 20:10:22 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.02.22 20:10:21 | 000,100,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.02.22 20:10:08 | 000,991,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.02.22 20:10:08 | 000,032,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.02.22 20:09:54 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:09:54 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:09:54 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:09:54 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.20 22:16:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 17:49:52 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.16 20:00:56 | 000,281,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2017.02.10 01:52:40 | 040,192,056 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.10 01:52:40 | 035,272,760 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.02.10 01:52:40 | 034,937,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.10 01:52:40 | 028,212,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.10 01:52:40 | 019,110,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2017.02.10 01:52:40 | 019,006,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.10 01:52:40 | 016,510,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2017.02.10 01:52:40 | 016,398,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.10 01:52:40 | 014,674,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.10 01:52:40 | 013,377,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.10 01:52:40 | 011,122,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.10 01:52:40 | 011,019,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 009,305,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2017.02.10 01:52:40 | 008,990,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 004,064,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2017.02.10 01:52:40 | 003,627,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.10 01:52:40 | 003,583,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2017.02.10 01:52:40 | 003,187,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.10 01:52:40 | 001,983,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.10 01:52:40 | 001,589,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.10 01:52:40 | 001,051,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.10 01:52:40 | 000,989,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.10 01:52:40 | 000,961,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.10 01:52:40 | 000,912,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.10 01:52:40 | 000,687,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,611,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,576,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.10 01:52:40 | 000,500,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,492,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2017.02.10 01:52:40 | 000,425,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.10 01:52:40 | 000,408,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.10 01:52:40 | 000,170,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.10 01:52:40 | 000,153,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.10 01:52:40 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.10 01:52:40 | 000,131,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.10 01:52:40 | 000,042,606 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2017.02.10 00:13:14 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2017.02.09 23:57:14 | 006,403,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2017.02.09 23:57:14 | 002,477,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2017.02.09 23:57:12 | 001,764,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2017.02.09 23:57:12 | 000,548,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2017.02.09 23:57:12 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2017.02.09 23:57:12 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2017.02.09 23:57:12 | 000,071,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2017.02.09 23:57:04 | 007,791,217 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2017.02.09 23:39:48 | 000,134,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.03 19:59:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2017.02.24 17:31:43 | 000,001,204 | ---- | C] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 19:34:18 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | C] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.20 17:49:52 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.14 20:45:03 | 040,192,056 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.14 20:45:03 | 035,272,760 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.01.26 01:13:16 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.26 01:12:46 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2016.08.17 19:59:33 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.08.17 19:59:33 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2015.10.29 16:23:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015.07.30 15:06:05 | 001,564,220 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.07.24 14:20:24 | 000,000,180 | ---- | C] () -- C:\Windows\Dimaxis.ini
[2015.04.12 12:20:02 | 000,005,632 | ---- | C] () -- C:\Users\Buda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2016.03.18 19:38:49 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\.mono
[2015.08.22 11:41:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Audacity
[2016.06.13 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\AVAST Software
[2016.02.28 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Battle.net
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\DAEMON Tools Lite
[2015.03.19 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\ESET
[2015.11.04 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\LolClient
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia Suite
[2017.02.05 12:09:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Origin
[2015.11.19 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\PC Suite
[2015.03.27 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Riot Games
[2016.12.01 20:40:48 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Spotify
[2016.04.29 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\TeamViewer
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\uTorrent
[2015.03.20 03:27:44 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Wargaming.net
========== Purity Check ==========
< End of report >
OTL logfile created on: 26.2.2017 12:48:43 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = F:\Programy
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18499)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
4,00 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 62,28% Memory free
7,99 Gb Paging File | 6,18 Gb Available in Paging File | 77,36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,69 Gb Total Space | 43,00 Gb Free Space | 38,50% Space Free | Partition Type: NTFS
Drive E: | 100,17 Gb Total Space | 9,63 Gb Free Space | 9,62% Space Free | Partition Type: NTFS
Drive F: | 696,88 Gb Total Space | 80,58 Gb Free Space | 11,56% Space Free | Partition Type: NTFS
Drive G: | 600,21 Gb Total Space | 65,09 Gb Free Space | 10,84% Space Free | Partition Type: NTFS
Computer Name: BUDA-PC | User Name: Buda | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - F:\Programy\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (Node.js)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\poco.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node ()
MOD - \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software s.r.o.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (NVDisplay.ContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerNetworkService) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (NvContainerLocalSystem) -- C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Origin Web Helper Service) -- G:\Games\Origin\OriginWebHelperService.exe (Electronic Arts)
SRV - (Origin Client Service) -- G:\Games\Origin\OriginClientService.exe (Electronic Arts)
SRV - (RapportMgmtService) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM Corp.)
SRV - (NvTelemetryContainer) -- C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AODService) -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AcronisOSSReinstallSvc) -- C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (RapportKE64) -- C:\Windows\SysNative\drivers\RapportKE64.sys (IBM Corp.)
DRV:64bit: - (RapportHades64) -- C:\Windows\SysNative\drivers\RapportHades64.sys (IBM Corp.)
DRV:64bit: - (nvvhci) -- C:\Windows\SysNative\drivers\nvvhci.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (EpfwLWF) -- C:\Windows\SysNative\drivers\EpfwLWF.sys (ESET)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek Corporation )
DRV:64bit: - (MarvinBus) -- C:\Windows\SysNative\drivers\MarvinBus64.sys (Pinnacle Systems GmbH)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (RapportCerberus_1804047) -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804047.sys (IBM Corp.)
DRV - (RapportPG64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys (IBM Corp.)
DRV - (RapportEI64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys (IBM Corp.)
DRV - (RapportAegle64) -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys (IBM Corp.)
DRV - (AODDriver4.3.0) -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\Programy instal\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Buda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.09.11 18:44:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof\1.14_1\.bak
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.1_1\
CHR - Extension: No name found = C:\Users\Buda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5616.1121.0.3_1\
O1 HOSTS File: ([2017.02.24 20:54:29 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Google+ Auto Backup] C:\Users\Buda\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (Google Inc.)
O4 - HKCU..\Run: [World of Tanks] G:\Games\World_of_Tanks\WargamingGameUpdater.exe (Wargaming.net)
O4 - HKCU..\Run: [World of Warships] G:\Games\World_of_Warships\WargamingGameUpdater.exe (Wargaming.net)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 46.33.112.42 46.33.96.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E1FBBBC-AB10-4A7E-AD28-5EF9D82BF6A6}: DhcpNameServer = 46.33.112.42 46.33.96.2
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2017.02.26 11:38:46 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.02.24 21:00:39 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.02.24 17:36:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2017.02.24 17:35:30 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2017.02.24 17:31:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017.02.24 17:31:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017.02.24 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Diagnostics
[2017.02.24 15:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD
[2017.02.24 15:49:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2017.02.24 15:01:02 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\NokiaAccount
[2017.02.23 19:46:03 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\CrashDumps
[2017.02.23 19:39:39 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\VirtualStore
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017.02.23 19:34:17 | 000,000,000 | ---D | C] -- C:\Users\Buda\AppData\Local\Temp
[2017.02.23 19:12:18 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017.02.23 04:43:22 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017.02.22 20:44:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.02.22 20:10:49 | 000,334,600 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:10:49 | 000,309,784 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:10:49 | 000,189,768 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:10:49 | 000,048,528 | ---- | C] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.22 20:10:36 | 000,398,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.21 22:34:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.02.21 22:27:52 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.02.20 19:37:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
[2017.02.20 19:37:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GIGABYTE
[2017.02.20 19:36:49 | 000,025,640 | ---- | C] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 19:36:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2017.02.20 17:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2017.02.20 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2017.02.15 05:44:25 | 000,000,000 | ---D | C] -- C:\Users\Buda\ansel
[2017.02.14 20:51:17 | 000,134,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.14 20:45:12 | 034,937,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.14 20:45:12 | 019,006,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.14 20:45:12 | 014,674,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.14 20:45:12 | 011,019,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 008,990,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.14 20:45:12 | 000,408,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.14 20:45:11 | 028,212,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.14 20:45:11 | 000,153,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.14 20:45:11 | 000,131,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.14 20:45:10 | 000,961,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.14 20:45:10 | 000,912,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.14 20:45:10 | 000,611,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,500,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.14 20:45:10 | 000,170,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.14 20:45:10 | 000,148,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.14 20:45:09 | 001,983,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.14 20:45:09 | 001,589,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.14 20:45:09 | 001,051,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.14 20:45:09 | 000,989,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.14 20:45:09 | 000,687,224 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,576,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.14 20:45:09 | 000,504,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.14 20:45:09 | 000,425,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.14 20:45:08 | 016,398,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.14 20:45:07 | 013,377,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.14 20:45:07 | 003,627,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.14 20:45:07 | 003,187,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.14 20:45:06 | 011,122,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.14 20:45:06 | 009,305,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
========== Files - Modified Within 30 Days ==========
[2017.02.26 11:41:08 | 001,585,998 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.02.26 11:41:08 | 000,669,660 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.02.26 11:41:08 | 000,655,054 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.02.26 11:41:08 | 000,141,292 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.02.26 11:41:08 | 000,121,926 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.02.26 11:39:24 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.02.26 11:39:24 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.02.26 11:33:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.02.26 11:33:34 | 3219,259,392 | -HS- | M] () -- C:\hiberfil.sys
[2017.02.25 06:18:15 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.02.24 20:54:29 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017.02.24 17:31:43 | 000,001,204 | ---- | M] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | M] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 20:35:11 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2017.02.23 19:12:17 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | M] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.22 20:11:10 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2017.02.22 20:10:22 | 000,547,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.02.22 20:10:22 | 000,398,408 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.02.22 20:10:22 | 000,337,080 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.148779067046504
[2017.02.22 20:10:22 | 000,162,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017.02.22 20:10:22 | 000,126,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.02.22 20:10:22 | 000,074,680 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.02.22 20:10:22 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.02.22 20:10:21 | 000,100,640 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.02.22 20:10:08 | 000,991,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.02.22 20:10:08 | 000,032,088 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.02.22 20:09:54 | 000,334,600 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.02.22 20:09:54 | 000,309,784 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.02.22 20:09:54 | 000,189,768 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.02.22 20:09:54 | 000,048,528 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.02.20 22:16:51 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2017.02.20 17:49:52 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.16 20:00:56 | 000,281,392 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2017.02.10 01:52:40 | 040,192,056 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.10 01:52:40 | 035,272,760 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.02.10 01:52:40 | 034,937,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2017.02.10 01:52:40 | 028,212,280 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2017.02.10 01:52:40 | 019,110,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2017.02.10 01:52:40 | 019,006,832 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2017.02.10 01:52:40 | 016,510,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2017.02.10 01:52:40 | 016,398,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2017.02.10 01:52:40 | 014,674,896 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2017.02.10 01:52:40 | 013,377,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2017.02.10 01:52:40 | 011,122,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2017.02.10 01:52:40 | 011,019,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 009,305,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2017.02.10 01:52:40 | 008,990,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvptxJitCompiler.dll
[2017.02.10 01:52:40 | 004,064,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2017.02.10 01:52:40 | 003,627,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2017.02.10 01:52:40 | 003,583,560 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2017.02.10 01:52:40 | 003,187,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2017.02.10 01:52:40 | 001,983,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6437866.dll
[2017.02.10 01:52:40 | 001,589,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6437866.dll
[2017.02.10 01:52:40 | 001,051,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2017.02.10 01:52:40 | 000,989,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2017.02.10 01:52:40 | 000,961,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2017.02.10 01:52:40 | 000,912,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2017.02.10 01:52:40 | 000,687,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,611,384 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,576,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvfatbinaryLoader.dll
[2017.02.10 01:52:40 | 000,504,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2017.02.10 01:52:40 | 000,500,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2017.02.10 01:52:40 | 000,492,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2017.02.10 01:52:40 | 000,425,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2017.02.10 01:52:40 | 000,408,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2017.02.10 01:52:40 | 000,170,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2017.02.10 01:52:40 | 000,153,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2017.02.10 01:52:40 | 000,148,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2017.02.10 01:52:40 | 000,131,720 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2017.02.10 01:52:40 | 000,042,606 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2017.02.10 00:13:14 | 000,001,951 | ---- | M] () -- C:\Windows\NvContainerRecovery.bat
[2017.02.09 23:57:14 | 006,403,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2017.02.09 23:57:14 | 002,477,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2017.02.09 23:57:12 | 001,764,408 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2017.02.09 23:57:12 | 000,548,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshext.dll
[2017.02.09 23:57:12 | 000,393,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2017.02.09 23:57:12 | 000,083,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nv3dappshextr.dll
[2017.02.09 23:57:12 | 000,071,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2017.02.09 23:57:04 | 007,791,217 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2017.02.09 23:39:48 | 000,134,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2017.02.03 19:59:43 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2017.02.24 17:31:43 | 000,001,204 | ---- | C] () -- C:\Users\Buda\Desktop\CrystalDiskInfo.lnk
[2017.02.24 15:50:02 | 000,002,067 | ---- | C] () -- C:\Users\Public\Desktop\AMD OverDrive.lnk
[2017.02.23 19:34:18 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017.02.23 04:44:37 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017.02.22 20:31:28 | 000,000,017 | ---- | C] () -- C:\Users\Buda\AppData\Local\resmon.resmoncfg
[2017.02.20 17:49:52 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CPUID CPU-Z.lnk
[2017.02.14 20:45:03 | 040,192,056 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2017.02.14 20:45:03 | 035,272,760 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2017.01.26 01:13:16 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.26 01:12:46 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2016.08.17 19:59:33 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.08.17 19:59:33 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2015.10.29 16:23:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015.07.30 15:06:05 | 001,564,220 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.07.24 14:20:24 | 000,000,180 | ---- | C] () -- C:\Windows\Dimaxis.ini
[2015.04.12 12:20:02 | 000,005,632 | ---- | C] () -- C:\Users\Buda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.08.06 19:04:07 | 014,176,768 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.08.06 18:44:51 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2016.03.18 19:38:49 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\.mono
[2015.08.22 11:41:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Audacity
[2016.06.13 14:56:03 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\AVAST Software
[2016.02.28 13:11:15 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Battle.net
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\DAEMON Tools Lite
[2015.03.19 12:38:17 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\ESET
[2015.11.04 19:25:34 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\LolClient
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia
[2017.02.24 15:01:02 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Nokia Suite
[2017.02.05 12:09:23 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Origin
[2015.11.19 21:05:51 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\PC Suite
[2015.03.27 22:12:38 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Riot Games
[2016.12.01 20:40:48 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Spotify
[2016.04.29 19:44:56 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\TeamViewer
[2015.05.06 18:48:04 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\uTorrent
[2015.03.20 03:27:44 | 000,000,000 | ---D | M] -- C:\Users\Buda\AppData\Roaming\Wargaming.net
========== Purity Check ==========
< End of report >
- jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43060
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Prosím o kontrolu logi z HJT
AVAST
ESET Smart Security
dva antiviry , jeden odinstaluj , pak znovu OTL..
ESET Smart Security
dva antiviry , jeden odinstaluj , pak znovu OTL..
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Prosím o kontrolu logi z HJT Vyřešeno
Antivir mam opravdu jen jeden. Ještě jednou velice děkuji za pomoc. Problém bude nejspíš ještě v něčem mimo dostupnost těchto nástrojů.
Kdo je online
Uživatelé prohlížející si toto fórum: Google Adsense [Bot] a 13 hostů