Nálezy šly jedině smazat, tak jsem to tak udělala.
---
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9200 Windows 8.1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17728
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.594000 GHz
Memory total: 4101267456, free: 2542776320
Downloaded database version: v2015.05.03.06
Downloaded database version: v2015.04.21.01
Downloaded database version: v2015.04.22.01
=======================================
Initializing...
------------ Kernel report ------------
05/03/2015 21:59:30
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\jcroxl.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\dtsoftbus01.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\??\C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\SysWow64\drivers\AiCharger.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\k57nd60a.sys
\SystemRoot\System32\drivers\bScsiSDa.sys
\SystemRoot\System32\drivers\SCSIPORT.SYS
\SystemRoot\System32\drivers\bScsiMSa.sys
\SystemRoot\system32\DRIVERS\bcmwl63al.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\aPs2Kb2Hid.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.05.03.06
rootkit: v2015.04.21.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe000543e0290, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe000543df040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe000543e0290, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe000522987f0, DeviceName: \Device\0000002d\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: F62E28EE
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2849870376
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid 8f448142-dd48-4ab1-991-1ded9f68bf30
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2849870376
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid 8f448142-dd48-4ab1-991-1ded9f68bf30
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 3d3ebfb2-7729-4a3f-9ddd-e975cc6a22c1
FirstLBA 2048 Last LBA 821247
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID ceb7d3ab-b82a-426d-b33f-45cb1b5a381
FirstLBA 821248 Last LBA 1435647
Attributes 0
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 4dc3441d-e911-46b1-afe3-f9721a29ebe
FirstLBA 1435648 Last LBA 1697791
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID d263d86-4654-431b-ac3f-e21979ee50d
FirstLBA 1697792 Last LBA 1920071679
Attributes 0
Partition Name Basic data partition
Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 9dc0b9b3-6ea7-49bd-bc15-2d53afa77673
FirstLBA 1920071680 Last LBA 1920993279
Attributes 1
Partition Name
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 9e174ff0-e33b-452f-814c-75852ced892f
FirstLBA 1920993280 Last LBA 1953523711
Attributes 1
Partition Name Basic data partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
-----
Nerestartovala jsem systém, protože to žádné hrozby nenašlo.
Pomalý chod notebooku Vyřešeno
Re: Pomalý chod notebooku
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
Ok. Ještě nahlédneme hlouběji:
Stáhni si OTL: http://www.bleepingcomputer.com/download/otl/
Otevři, zatrhni políčka: Pro všechny uživatele, Kontrola na havěť "LOP", Kontrola na havěť "Purity"
U položky Běžné registry vlevo dole zvol možnost Vše.
Do volného textového pole Vlastní skenování/opravy zadej tento skript:
A klikni na Prohledat.
Kontrola je časově velmi náročná... Výsledné logy rozkouskuj do příspěvků.
Stáhni si OTL: http://www.bleepingcomputer.com/download/otl/
Otevři, zatrhni políčka: Pro všechny uživatele, Kontrola na havěť "LOP", Kontrola na havěť "Purity"
U položky Běžné registry vlevo dole zvol možnost Vše.
Do volného textového pole Vlastní skenování/opravy zadej tento skript:
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
*keygen* /s
*loader* /s
*AutoKMS* /s
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
A klikni na Prohledat.
Kontrola je časově velmi náročná... Výsledné logy rozkouskuj do příspěvků.
Re: Pomalý chod notebooku
OTL logfile created on: 4. 5. 2015 9:00:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucie\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy
3,82 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 65,76% Memory free
4,76 Gb Paging File | 3,30 Gb Available in Paging File | 69,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,75 Gb Total Space | 759,98 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Computer Name: HOME | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/05/04 08:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
PRC - [2015/04/28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/04/25 21:06:17 | 000,232,264 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
========== Modules (No Company Name) ==========
MOD - [2015/04/28 04:07:35 | 014,980,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
MOD - [2015/04/28 04:07:34 | 001,252,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
MOD - [2015/04/28 04:07:33 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
MOD - [2013/09/05 03:36:28 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
========== Services (SafeList) ==========
SRV:64bit: - [2015/04/25 20:48:32 | 001,429,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/04/08 17:54:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/02/04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/12/04 11:21:36 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/12/04 11:21:05 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/12/04 11:19:21 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/12/04 11:19:09 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/12/04 11:19:07 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/12/04 11:18:58 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/12/04 11:18:51 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/12/04 11:18:45 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/12/04 11:18:19 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/12/04 11:18:05 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/12/04 11:18:04 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/12/04 11:17:59 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/12/04 11:17:58 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/12/04 11:17:55 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/12/04 11:17:47 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/12/04 11:17:40 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/12/04 11:17:39 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/12/04 11:17:38 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/12/04 11:17:36 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/12/04 11:17:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/12/04 11:17:20 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/12/04 11:17:20 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/12/04 11:17:18 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/12/04 11:17:03 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/12/04 11:15:05 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/12/04 11:15:04 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/12/04 11:14:16 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/12/04 11:14:12 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/11/30 04:11:44 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2012/08/23 06:36:28 | 000,468,624 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/08/23 06:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/08/21 02:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [On_Demand | Stopped] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader)
SRV:64bit: - [2012/04/21 00:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/04/14 01:44:34 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/01/02 20:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/04 11:20:07 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/12/04 11:15:13 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/12/04 11:15:12 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/12/04 11:14:16 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/11/29 12:44:04 | 001,900,400 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014/10/01 20:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/29 01:59:18 | 000,096,880 | ---- | M] (Dritek System INC.) [On_Demand | Stopped] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/09/21 07:17:47 | 000,348,784 | ---- | M] (Dritek System Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/07/18 02:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 02:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 02:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/26 01:32:36 | 000,687,400 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015/04/30 23:16:15 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/04/25 20:48:10 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015/04/25 20:47:58 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/04/25 20:45:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/03/29 22:08:12 | 000,082,128 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2015/03/04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/02/04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/02/04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/02/04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/02/01 23:52:17 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2015/01/14 16:40:24 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2014/12/13 22:20:10 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/12/13 22:20:09 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/12/13 22:20:09 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2014/12/13 22:20:09 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/12/04 11:21:51 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/12/04 11:21:37 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/12/04 11:18:49 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/12/04 11:18:45 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/12/04 11:18:43 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/12/04 11:18:33 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/12/04 11:14:41 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/12/04 11:14:11 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/12/04 11:14:11 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/12/04 11:14:10 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/12/04 11:14:10 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/12/04 11:14:10 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/11/29 21:08:11 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/11/29 13:21:49 | 000,059,088 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2014/11/29 13:16:32 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/11/29 13:14:37 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/11/29 13:14:18 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2014/10/01 20:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/09/24 09:50:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/09/24 09:23:48 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/09/24 09:23:32 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/09/24 09:23:31 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/09/24 09:23:31 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/09/24 09:23:30 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/09/24 08:53:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/01 22:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/08/01 22:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/05 03:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/01 18:50:07 | 005,170,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS -- (BCM43XX)
DRV:64bit: - [2012/12/29 01:59:18 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/10/26 17:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012/10/19 11:54:54 | 000,330,640 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/08/13 20:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/07/29 01:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV - [2014/12/29 13:24:48 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{88304B58-4C16-4B07-B7E8-A59705BAAA44}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{88304B58-4C16-4B07-B7E8-A59705BAAA44}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/11/15 04:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.427.11450_0\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
O1 HOSTS File: ([2015/05/03 18:34:11 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.91.240.101 93.91.240.254 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{248A9BEC-A094-4E99-A001-CF5CFE1E8587}: NameServer = 93.91.240.101,93.91.240.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52B65AFB-3DDF-453D-B125-5F8F0B2D5F27}: DhcpNameServer = 93.91.240.101 93.91.240.254 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucie\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy
3,82 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 65,76% Memory free
4,76 Gb Paging File | 3,30 Gb Available in Paging File | 69,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,75 Gb Total Space | 759,98 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Computer Name: HOME | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2015/05/04 08:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
PRC - [2015/04/28 04:07:36 | 000,812,872 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015/04/25 21:06:17 | 000,232,264 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
========== Modules (No Company Name) ==========
MOD - [2015/04/28 04:07:35 | 014,980,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
MOD - [2015/04/28 04:07:34 | 001,252,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
MOD - [2015/04/28 04:07:33 | 000,080,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
MOD - [2013/09/05 03:36:28 | 000,013,088 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
========== Services (SafeList) ==========
SRV:64bit: - [2015/04/25 20:48:32 | 001,429,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015/04/08 17:54:18 | 000,780,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015/02/04 01:58:28 | 000,366,520 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2015/02/04 01:58:28 | 000,023,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/12/06 03:35:00 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/12/04 11:21:36 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2014/12/04 11:21:05 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/12/04 11:19:21 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/12/04 11:19:09 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2014/12/04 11:19:07 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2014/12/04 11:18:58 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/12/04 11:18:51 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2014/12/04 11:18:45 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2014/12/04 11:18:19 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/12/04 11:18:05 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2014/12/04 11:18:04 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/12/04 11:17:59 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2014/12/04 11:17:58 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2014/12/04 11:17:55 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2014/12/04 11:17:47 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/12/04 11:17:40 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/12/04 11:17:39 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/12/04 11:17:38 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2014/12/04 11:17:36 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2014/12/04 11:17:21 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2014/12/04 11:17:20 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/12/04 11:17:20 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2014/12/04 11:17:18 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2014/12/04 11:17:03 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2014/12/04 11:16:41 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2014/12/04 11:15:05 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2014/12/04 11:15:04 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/12/04 11:14:16 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/12/04 11:14:12 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV:64bit: - [2014/11/30 04:11:44 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2012/08/23 06:36:28 | 000,468,624 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/08/23 06:02:36 | 000,658,576 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/08/21 02:36:22 | 000,176,640 | ---- | M] (Broadcom Corp.) [On_Demand | Stopped] -- C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe -- (BrcmCardReader)
SRV:64bit: - [2012/04/21 00:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2015/04/14 01:44:34 | 000,836,288 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2015/01/02 20:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [On_Demand | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/12/19 09:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/12/04 11:20:07 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2014/12/04 11:15:13 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/12/04 11:15:12 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2014/12/04 11:14:16 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/11/29 12:44:04 | 001,900,400 | ---- | M] (Electronic Arts) [On_Demand | Stopped] -- C:\Program Files (x86)\Origin\OriginClientService.exe -- (Origin Client Service)
SRV - [2014/10/01 20:54:28 | 000,281,488 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2013/09/05 03:35:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/12/29 01:59:18 | 000,096,880 | ---- | M] (Dritek System INC.) [On_Demand | Stopped] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/09/21 07:17:47 | 000,348,784 | ---- | M] (Dritek System Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012/07/18 02:10:34 | 000,364,416 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 02:10:32 | 000,276,864 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 02:10:18 | 000,165,760 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2011/11/26 01:32:36 | 000,687,400 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2015/04/30 23:16:15 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015/04/25 20:48:10 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015/04/25 20:47:58 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015/04/25 20:45:31 | 000,239,424 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2015/03/29 22:08:12 | 000,082,128 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2015/03/04 12:25:11 | 000,377,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015/02/04 01:58:33 | 000,264,000 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015/02/04 01:58:33 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015/02/04 01:58:04 | 000,044,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015/02/01 23:52:17 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2015/01/14 16:40:24 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2014/12/13 22:20:10 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/12/13 22:20:09 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/12/13 22:20:09 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2014/12/13 22:20:09 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/12/04 11:21:51 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/12/04 11:21:37 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/12/04 11:18:49 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/12/04 11:18:45 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2014/12/04 11:18:43 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2014/12/04 11:18:33 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/12/04 11:14:41 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2014/12/04 11:14:11 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2014/12/04 11:14:11 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2014/12/04 11:14:10 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/12/04 11:14:10 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/12/04 11:14:10 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/11/29 21:08:11 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/11/29 13:21:49 | 000,059,088 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2014/11/29 13:16:32 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2014/11/29 13:14:37 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/11/29 13:14:18 | 000,652,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2014/10/01 20:54:16 | 003,828,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/09/24 09:50:37 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/09/24 09:23:48 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/09/24 09:23:32 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/09/24 09:23:31 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/09/24 09:23:31 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/09/24 09:23:30 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/09/24 08:53:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/08/15 02:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/08/01 22:18:33 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2014/08/01 22:18:33 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/09/05 03:37:00 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/08/22 15:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 15:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 14:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 14:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 14:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 14:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 14:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 14:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 14:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 14:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 14:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 14:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 14:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 14:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 14:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 14:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 14:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 14:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 14:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 14:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 14:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 14:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 14:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 14:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 14:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 14:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 14:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 13:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 13:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 13:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 13:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 13:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 13:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 13:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 13:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 13:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 13:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 13:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 13:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 13:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 13:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 13:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 10:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 01:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 02:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 20:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 21:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/07/01 18:50:07 | 005,170,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL63AL.SYS -- (BCM43XX)
DRV:64bit: - [2012/12/29 01:59:18 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/10/26 17:42:22 | 004,758,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/10/26 17:42:22 | 000,026,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvbflt64.sys -- (CompFilter64)
DRV:64bit: - [2012/10/19 11:54:54 | 000,330,640 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/08/13 20:59:42 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/07/29 01:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV - [2014/12/29 13:24:48 | 000,026,528 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS -- (HWiNFO32)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{88304B58-4C16-4B07-B7E8-A59705BAAA44}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{88304B58-4C16-4B07-B7E8-A59705BAAA44}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAPBJS
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
[2013/11/15 04:32:00 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
========== Chrome ==========
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.427.11450_0\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_1\
CHR - Extension: No name found = C:\Users\Lucie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
O1 HOSTS File: ([2015/05/03 18:34:11 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.91.240.101 93.91.240.254 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{248A9BEC-A094-4E99-A001-CF5CFE1E8587}: NameServer = 93.91.240.101,93.91.240.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{52B65AFB-3DDF-453D-B125-5F8F0B2D5F27}: DhcpNameServer = 93.91.240.101 93.91.240.254 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\WINDOWS\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\WINDOWS\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\WINDOWS\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\WINDOWS\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.i420 - C:\WINDOWS\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015/05/04 08:58:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
[2015/05/03 21:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015/05/03 21:58:39 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\mbar
[2015/05/03 18:54:42 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/03 18:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/05/03 18:54:22 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/05/03 18:54:22 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/05/03 18:54:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/05/03 18:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/05/03 18:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/05/03 18:51:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/05/03 18:43:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2015/05/03 18:43:33 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Local\Temp
[2015/05/03 18:32:26 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015/05/03 18:11:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/05/03 15:26:37 | 000,000,000 | ---D | C] -- C:\FRST
[2015/05/03 15:26:13 | 002,101,248 | ---- | C] (Farbar) -- C:\Users\Lucie\Desktop\FRST64.exe
[2015/05/02 12:35:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2015/05/02 09:35:32 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2015/05/02 09:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer
[2015/05/02 09:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Renamer
[2015/05/02 09:34:37 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2015/05/02 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\Notebook
[2015/04/30 23:16:15 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2015/04/30 23:16:02 | 002,256,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2015/04/30 23:16:02 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2015/04/30 23:15:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2015/04/30 23:15:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2015/04/30 23:14:57 | 004,417,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2015/04/30 23:14:57 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2015/04/30 23:14:57 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2015/04/30 23:14:57 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2015/04/25 20:48:32 | 001,429,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2015/04/25 20:48:10 | 000,467,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2015/04/25 20:47:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2015/04/25 20:47:24 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:24 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:13 | 002,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2015/04/25 20:47:13 | 001,812,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2015/04/25 20:47:02 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2015/04/25 20:47:02 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2015/04/25 20:46:16 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/04/25 20:46:16 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/04/25 20:46:16 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2015/04/25 20:45:31 | 000,239,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2015/04/25 20:45:31 | 000,154,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2015/04/25 20:45:01 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2015/04/25 20:44:40 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2015/04/20 10:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/04/20 10:40:05 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/04/18 18:00:58 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\Absolutorium
[2015/04/16 21:06:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 16:54:25 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/16 16:54:25 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/16 16:53:21 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/16 16:53:12 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/16 16:53:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/16 16:53:12 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/16 16:53:12 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/16 16:53:12 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/16 16:53:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/16 16:53:11 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/16 16:53:11 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/16 16:52:55 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/16 16:52:55 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/16 16:52:54 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/16 16:52:54 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/16 16:52:54 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/16 16:52:54 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/16 16:52:54 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/16 16:52:54 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/16 16:52:54 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/16 16:52:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/16 16:51:35 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/16 16:51:35 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/16 16:51:35 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/16 16:51:21 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/16 16:51:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/16 16:51:20 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/16 16:51:20 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/16 16:51:20 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/16 16:51:20 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/16 16:51:20 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/16 16:51:20 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/13 22:50:18 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/13 22:50:18 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/13 22:50:18 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/13 22:50:18 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/13 22:50:18 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/13 22:50:18 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/13 22:50:18 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/13 22:50:18 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/13 22:50:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/13 22:50:18 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/13 22:50:18 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/13 22:50:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/13 22:50:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/13 22:50:18 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/13 22:50:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/13 22:50:18 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/13 22:50:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/10 20:29:30 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\New folder
[2015/04/08 17:54:18 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/04 10:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
[2015/04/04 10:39:39 | 000,000,000 | ---D | C] -- C:\GOG Games
========== Files - Modified Within 30 Days ==========
[2015/05/04 09:01:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/05/04 08:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
[2015/05/04 08:50:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/05/04 08:50:46 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys
[2015/05/03 21:59:30 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/03 21:58:44 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/05/03 18:54:28 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/03 18:34:11 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015/05/03 18:32:26 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2015/05/03 18:32:02 | 001,305,600 | ---- | M] () -- C:\Users\Lucie\Desktop\zoek.exe
[2015/05/03 18:11:35 | 002,204,160 | ---- | M] () -- C:\Users\Lucie\Desktop\adwcleaner_4.203.exe
[2015/05/03 17:58:19 | 000,124,211 | ---- | M] () -- C:\Users\Lucie\Desktop\1.jpg
[2015/05/03 15:26:20 | 002,101,248 | ---- | M] (Farbar) -- C:\Users\Lucie\Desktop\FRST64.exe
[2015/05/02 09:48:23 | 000,000,540 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den city.aren
[2015/05/02 09:45:05 | 000,000,544 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den 8.aren
[2015/05/02 09:42:42 | 000,000,572 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den1.aren
[2015/05/02 09:40:50 | 000,000,564 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den.aren
[2015/05/02 09:35:20 | 000,001,035 | ---- | M] () -- C:\Users\Lucie\Desktop\Advanced Renamer.lnk
[2015/05/02 09:04:34 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/05/02 09:04:34 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/05/02 09:04:34 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/05/01 14:47:21 | 007,616,135 | ---- | M] () -- C:\Users\Lucie\Desktop\heaven 30.04.2015.rar
[2015/04/30 23:25:20 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/30 23:16:15 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2015/04/30 23:16:02 | 002,256,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2015/04/30 23:16:02 | 001,943,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2015/04/30 23:15:51 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2015/04/30 23:15:51 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2015/04/30 23:15:11 | 000,410,017 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/04/30 23:14:57 | 004,417,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2015/04/30 23:14:57 | 002,985,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2015/04/30 23:14:57 | 001,491,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2015/04/30 23:14:57 | 001,207,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2015/04/30 21:25:03 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/26 11:48:38 | 005,162,200 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/04/25 20:48:32 | 001,429,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2015/04/25 20:48:10 | 000,467,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2015/04/25 20:47:58 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2015/04/25 20:47:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:24 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:13 | 002,162,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2015/04/25 20:47:13 | 001,812,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2015/04/25 20:47:02 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2015/04/25 20:47:02 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2015/04/25 20:46:29 | 002,473,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2015/04/25 20:46:16 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/04/25 20:46:16 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/04/25 20:46:16 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2015/04/25 20:45:31 | 000,239,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2015/04/25 20:45:31 | 000,154,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2015/04/25 20:45:01 | 002,819,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2015/04/25 20:44:40 | 002,067,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2015/04/22 14:18:14 | 002,653,238 | ---- | M] () -- C:\Users\Lucie\Desktop\Anna Sabašová vizitk.JPG
[2015/04/21 22:10:03 | 000,001,645 | ---- | M] () -- C:\Users\Lucie\Desktop\DivX Movies.lnk
[2015/04/21 22:10:00 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2015/04/21 22:09:48 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2015/04/20 10:39:22 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/04/18 18:27:50 | 000,001,360 | ---- | M] () -- C:\Users\Lucie\Desktop\Disk Cleaner.lnk
[2015/04/18 15:50:41 | 000,161,494 | ---- | M] () -- C:\Users\Lucie\Documents\Seznam témat OP (2014-15).pdf
[2015/04/18 15:50:36 | 000,146,881 | ---- | M] () -- C:\Users\Lucie\Documents\Seznam témat AJ (2014-15).pdf
[2015/04/15 14:05:21 | 006,602,256 | ---- | M] () -- C:\Users\Lucie\Desktop\2. I AM - Output - Stereo Out.mp3
[2015/04/15 14:05:08 | 002,639,232 | ---- | M] () -- C:\Users\Lucie\Desktop\1. INTRO - Output - Stereo Out.mp3
[2015/04/15 14:04:58 | 002,473,610 | ---- | M] () -- C:\Users\Lucie\Desktop\ATT_1425490897616_Lord Lhus voorbeeld 2.mp3
[2015/04/15 14:04:48 | 008,954,388 | ---- | M] () -- C:\Users\Lucie\Desktop\10. CHRISTPHOBIA.mp3
[2015/04/15 11:24:17 | 011,142,612 | ---- | M] () -- C:\Users\Lucie\Desktop\3. GRAVEDIGGIN' - Output - Stereo Out.mp3
[2015/04/15 11:24:13 | 010,427,472 | ---- | M] () -- C:\Users\Lucie\Desktop\9. ANOTHER HORROR STORY.mp3
[2015/04/15 11:24:09 | 010,364,832 | ---- | M] () -- C:\Users\Lucie\Desktop\12. STRINGS OF STRANGULATION.mp3
[2015/04/15 11:24:00 | 009,895,032 | ---- | M] () -- C:\Users\Lucie\Desktop\11. SOULLES DURING THE SOLSTICE.mp3
[2015/04/15 11:23:56 | 007,994,952 | ---- | M] () -- C:\Users\Lucie\Desktop\6. I SPIT ON YOUR GRAVE - Output - Stereo Out.mp3
[2015/04/15 11:23:51 | 007,427,016 | ---- | M] () -- C:\Users\Lucie\Desktop\13. UNDER STANDING.mp3
[2015/04/15 11:23:45 | 006,664,896 | ---- | M] () -- C:\Users\Lucie\Desktop\5. TORTURE MUSIC - Output - Stereo Out.mp3
[2015/04/15 11:22:26 | 008,479,368 | ---- | M] () -- C:\Users\Lucie\Desktop\8. ACAB ft. JACE ABSTRACT.mp3
[2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/14 01:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 01:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/13 22:50:18 | 002,373,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/13 22:50:18 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/13 22:50:18 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/13 22:50:18 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/13 22:50:18 | 000,267,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/13 22:50:18 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/13 22:50:18 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/13 22:50:18 | 000,133,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/13 22:50:18 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/13 22:50:18 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/13 22:50:18 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/13 22:50:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/13 22:50:18 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/13 22:50:18 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/13 22:50:18 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/13 22:50:18 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/13 22:50:18 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/12 20:57:56 | 000,007,597 | ---- | M] () -- C:\Users\Lucie\AppData\Local\resmon.resmoncfg
[2015/04/09 21:30:25 | 346,516,884 | ---- | M] () -- C:\Users\Lucie\Desktop\lhus olomouc show.rar
[2015/04/08 17:54:18 | 000,780,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/04 10:57:20 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Pillars of Eternity.lnk
========== Files Created - No Company Name ==========
[2015/05/04 09:01:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/05/03 18:54:28 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/03 18:43:35 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2015/05/03 18:31:51 | 001,305,600 | ---- | C] () -- C:\Users\Lucie\Desktop\zoek.exe
[2015/05/03 18:11:22 | 002,204,160 | ---- | C] () -- C:\Users\Lucie\Desktop\adwcleaner_4.203.exe
[2015/05/03 17:58:19 | 000,124,211 | ---- | C] () -- C:\Users\Lucie\Desktop\1.jpg
[2015/05/03 17:21:39 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\Play Dragon Age Inquisition.lnk
[2015/05/03 17:21:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Pillars of Eternity.lnk
[2015/05/02 09:48:23 | 000,000,540 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den city.aren
[2015/05/02 09:45:05 | 000,000,544 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den 8.aren
[2015/05/02 09:42:42 | 000,000,572 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den1.aren
[2015/05/02 09:40:50 | 000,000,564 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den.aren
[2015/05/02 09:35:20 | 000,001,035 | ---- | C] () -- C:\Users\Lucie\Desktop\Advanced Renamer.lnk
[2015/05/01 14:47:21 | 007,616,135 | ---- | C] () -- C:\Users\Lucie\Desktop\heaven 30.04.2015.rar
[2015/04/30 23:15:11 | 000,410,017 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/04/28 08:37:10 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
[2015/04/22 14:18:14 | 002,653,238 | ---- | C] () -- C:\Users\Lucie\Desktop\Anna Sabašová vizitk.JPG
[2015/04/21 22:10:00 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2015/04/21 22:09:48 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2015/04/18 18:27:50 | 000,001,360 | ---- | C] () -- C:\Users\Lucie\Desktop\Disk Cleaner.lnk
[2015/04/18 15:50:41 | 000,161,494 | ---- | C] () -- C:\Users\Lucie\Documents\Seznam témat OP (2014-15).pdf
[2015/04/18 15:50:36 | 000,146,881 | ---- | C] () -- C:\Users\Lucie\Documents\Seznam témat AJ (2014-15).pdf
[2015/04/16 16:53:11 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/16 16:53:11 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/15 14:05:08 | 002,639,232 | ---- | C] () -- C:\Users\Lucie\Desktop\1. INTRO - Output - Stereo Out.mp3
[2015/04/15 14:04:58 | 002,473,610 | ---- | C] () -- C:\Users\Lucie\Desktop\ATT_1425490897616_Lord Lhus voorbeeld 2.mp3
[2015/04/15 14:04:48 | 008,954,388 | ---- | C] () -- C:\Users\Lucie\Desktop\10. CHRISTPHOBIA.mp3
[2015/04/15 11:24:17 | 011,142,612 | ---- | C] () -- C:\Users\Lucie\Desktop\3. GRAVEDIGGIN' - Output - Stereo Out.mp3
[2015/04/15 11:23:55 | 007,994,952 | ---- | C] () -- C:\Users\Lucie\Desktop\6. I SPIT ON YOUR GRAVE - Output - Stereo Out.mp3
[2015/04/15 11:23:51 | 007,427,016 | ---- | C] () -- C:\Users\Lucie\Desktop\13. UNDER STANDING.mp3
[2015/04/15 11:22:54 | 006,664,896 | ---- | C] () -- C:\Users\Lucie\Desktop\5. TORTURE MUSIC - Output - Stereo Out.mp3
[2015/04/15 11:22:50 | 010,427,472 | ---- | C] () -- C:\Users\Lucie\Desktop\9. ANOTHER HORROR STORY.mp3
[2015/04/15 11:22:46 | 006,602,256 | ---- | C] () -- C:\Users\Lucie\Desktop\2. I AM - Output - Stereo Out.mp3
[2015/04/15 11:22:39 | 009,895,032 | ---- | C] () -- C:\Users\Lucie\Desktop\11. SOULLES DURING THE SOLSTICE.mp3
[2015/04/15 11:22:33 | 010,364,832 | ---- | C] () -- C:\Users\Lucie\Desktop\12. STRINGS OF STRANGULATION.mp3
[2015/04/15 11:22:26 | 008,479,368 | ---- | C] () -- C:\Users\Lucie\Desktop\8. ACAB ft. JACE ABSTRACT.mp3
[2015/04/09 21:29:48 | 346,516,884 | ---- | C] () -- C:\Users\Lucie\Desktop\lhus olomouc show.rar
[2015/03/01 16:00:02 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2015/02/25 02:22:43 | 000,003,736 | ---- | C] () -- C:\Users\Lucie\.ganttproject
[2015/01/29 22:46:18 | 000,082,064 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01cz.exe
[2014/12/04 11:20:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/12/04 11:15:29 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/11/29 20:25:41 | 000,007,597 | ---- | C] () -- C:\Users\Lucie\AppData\Local\resmon.resmoncfg
[2014/10/01 20:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 20:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 09:24:06 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2014/11/30 23:13:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/12/04 11:16:54 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/12/04 11:19:54 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/12/04 11:16:53 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015/04/03 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\.mono
[2015/01/29 22:46:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\CAD-KAS
[2015/04/05 18:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DAEMON Tools Lite
[2015/05/03 10:55:50 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\eM Client
[2015/05/02 09:35:32 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2015/02/24 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Kakao
[2014/12/04 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Leadertech
[2014/11/30 14:06:23 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Origin
[2015/05/02 09:34:37 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2014/11/29 15:49:24 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/04/03 15:07:26 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Steam
[2015/04/21 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\uTorrent
========== Purity Check ==========
Restore point Set: OTL Restore Point
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FMVC - C:\WINDOWS\SysWow64\fmcodec.DLL (Fox Magic Software)
Drivers32: vidc.i420 - C:\WINDOWS\SysWow64\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2015/05/04 08:58:24 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
[2015/05/03 21:59:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015/05/03 21:58:39 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\mbar
[2015/05/03 18:54:42 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/03 18:54:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/05/03 18:54:22 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/05/03 18:54:22 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/05/03 18:54:22 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/05/03 18:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/05/03 18:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/05/03 18:51:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015/05/03 18:43:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2015/05/03 18:43:33 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Local\Temp
[2015/05/03 18:32:26 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2015/05/03 18:11:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/05/03 15:26:37 | 000,000,000 | ---D | C] -- C:\FRST
[2015/05/03 15:26:13 | 002,101,248 | ---- | C] (Farbar) -- C:\Users\Lucie\Desktop\FRST64.exe
[2015/05/02 12:35:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2015/05/02 09:35:32 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2015/05/02 09:35:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer
[2015/05/02 09:35:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced Renamer
[2015/05/02 09:34:37 | 000,000,000 | ---D | C] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2015/05/02 09:20:14 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\Notebook
[2015/04/30 23:16:15 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2015/04/30 23:16:02 | 002,256,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2015/04/30 23:16:02 | 001,943,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2015/04/30 23:15:51 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2015/04/30 23:15:51 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2015/04/30 23:14:57 | 004,417,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2015/04/30 23:14:57 | 002,985,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2015/04/30 23:14:57 | 001,491,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2015/04/30 23:14:57 | 001,207,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2015/04/25 20:48:32 | 001,429,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2015/04/25 20:48:10 | 000,467,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2015/04/25 20:47:58 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2015/04/25 20:47:24 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:24 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:13 | 002,162,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2015/04/25 20:47:13 | 001,812,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2015/04/25 20:47:02 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2015/04/25 20:47:02 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2015/04/25 20:46:16 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/04/25 20:46:16 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/04/25 20:46:16 | 000,186,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2015/04/25 20:45:31 | 000,239,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2015/04/25 20:45:31 | 000,154,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2015/04/25 20:45:01 | 002,819,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2015/04/25 20:44:40 | 002,067,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2015/04/20 10:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/04/20 10:40:05 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/04/18 18:00:58 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\Absolutorium
[2015/04/16 21:06:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appraiser
[2015/04/16 16:54:25 | 000,792,056 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/16 16:54:25 | 000,178,168 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/16 16:53:21 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2015/04/16 16:53:12 | 000,816,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2015/04/16 16:53:12 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2015/04/16 16:53:12 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2015/04/16 16:53:12 | 000,664,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2015/04/16 16:53:12 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2015/04/16 16:53:12 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2015/04/16 16:53:11 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2015/04/16 16:53:11 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2015/04/16 16:52:55 | 007,476,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2015/04/16 16:52:55 | 001,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2015/04/16 16:52:54 | 000,950,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2015/04/16 16:52:54 | 000,749,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2015/04/16 16:52:54 | 000,411,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tracerpt.exe
[2015/04/16 16:52:54 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tracerpt.exe
[2015/04/16 16:52:54 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2015/04/16 16:52:54 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2015/04/16 16:52:54 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2015/04/16 16:52:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2015/04/16 16:51:35 | 000,377,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\clfs.sys
[2015/04/16 16:51:35 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clfsw32.dll
[2015/04/16 16:51:35 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clfsw32.dll
[2015/04/16 16:51:21 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\generaltel.dll
[2015/04/16 16:51:21 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\acmigration.dll
[2015/04/16 16:51:20 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2015/04/16 16:51:20 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appraiser.dll
[2015/04/16 16:51:20 | 000,769,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\invagent.dll
[2015/04/16 16:51:20 | 000,419,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2015/04/16 16:51:20 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2015/04/16 16:51:20 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2015/04/13 22:50:18 | 002,373,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/13 22:50:18 | 000,891,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/13 22:50:18 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/13 22:50:18 | 000,408,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/13 22:50:18 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/13 22:50:18 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/13 22:50:18 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/13 22:50:18 | 000,133,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/13 22:50:18 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/13 22:50:18 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/13 22:50:18 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/13 22:50:18 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/13 22:50:18 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/13 22:50:18 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/13 22:50:18 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/13 22:50:18 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/13 22:50:18 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/10 20:29:30 | 000,000,000 | ---D | C] -- C:\Users\Lucie\Desktop\New folder
[2015/04/08 17:54:18 | 000,780,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/04 10:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
[2015/04/04 10:39:39 | 000,000,000 | ---D | C] -- C:\GOG Games
========== Files - Modified Within 30 Days ==========
[2015/05/04 09:01:38 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015/05/04 08:58:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Lucie\Desktop\OTL.exe
[2015/05/04 08:50:48 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/05/04 08:50:46 | 3281,010,688 | -HS- | M] () -- C:\hiberfil.sys
[2015/05/03 21:59:30 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/03 21:58:44 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/05/03 18:54:28 | 000,001,106 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/03 18:34:11 | 000,000,753 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2015/05/03 18:32:26 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2015/05/03 18:32:02 | 001,305,600 | ---- | M] () -- C:\Users\Lucie\Desktop\zoek.exe
[2015/05/03 18:11:35 | 002,204,160 | ---- | M] () -- C:\Users\Lucie\Desktop\adwcleaner_4.203.exe
[2015/05/03 17:58:19 | 000,124,211 | ---- | M] () -- C:\Users\Lucie\Desktop\1.jpg
[2015/05/03 15:26:20 | 002,101,248 | ---- | M] (Farbar) -- C:\Users\Lucie\Desktop\FRST64.exe
[2015/05/02 09:48:23 | 000,000,540 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den city.aren
[2015/05/02 09:45:05 | 000,000,544 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den 8.aren
[2015/05/02 09:42:42 | 000,000,572 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den1.aren
[2015/05/02 09:40:50 | 000,000,564 | ---- | M] () -- C:\Users\Lucie\Rok měsíc den.aren
[2015/05/02 09:35:20 | 000,001,035 | ---- | M] () -- C:\Users\Lucie\Desktop\Advanced Renamer.lnk
[2015/05/02 09:04:34 | 000,863,592 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/05/02 09:04:34 | 000,722,476 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/05/02 09:04:34 | 000,135,592 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/05/01 14:47:21 | 007,616,135 | ---- | M] () -- C:\Users\Lucie\Desktop\heaven 30.04.2015.rar
[2015/04/30 23:25:20 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/04/30 23:16:15 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ahcache.sys
[2015/04/30 23:16:02 | 002,256,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2015/04/30 23:16:02 | 001,943,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2015/04/30 23:15:51 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2015/04/30 23:15:51 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2015/04/30 23:15:11 | 000,410,017 | ---- | M] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/04/30 23:14:57 | 004,417,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbgeng.dll
[2015/04/30 23:14:57 | 002,985,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbgeng.dll
[2015/04/30 23:14:57 | 001,491,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dbghelp.dll
[2015/04/30 23:14:57 | 001,207,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2015/04/30 21:25:03 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/04/26 11:48:38 | 005,162,200 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/04/25 20:48:32 | 001,429,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2015/04/25 20:48:10 | 000,467,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2015/04/25 20:47:58 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bthhfenum.sys
[2015/04/25 20:47:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:24 | 000,141,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.dll
[2015/04/25 20:47:13 | 002,162,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2015/04/25 20:47:13 | 001,812,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2015/04/25 20:47:02 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PhotoMetadataHandler.dll
[2015/04/25 20:47:02 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
[2015/04/25 20:46:29 | 002,473,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintConfig.dll
[2015/04/25 20:46:16 | 000,445,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2015/04/25 20:46:16 | 000,324,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2015/04/25 20:46:16 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2015/04/25 20:45:31 | 000,239,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2015/04/25 20:45:31 | 000,154,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2015/04/25 20:45:01 | 002,819,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2015/04/25 20:44:40 | 002,067,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2015/04/22 14:18:14 | 002,653,238 | ---- | M] () -- C:\Users\Lucie\Desktop\Anna Sabašová vizitk.JPG
[2015/04/21 22:10:03 | 000,001,645 | ---- | M] () -- C:\Users\Lucie\Desktop\DivX Movies.lnk
[2015/04/21 22:10:00 | 000,001,058 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2015/04/21 22:09:48 | 000,001,137 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2015/04/20 10:39:22 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2015/04/18 18:27:50 | 000,001,360 | ---- | M] () -- C:\Users\Lucie\Desktop\Disk Cleaner.lnk
[2015/04/18 15:50:41 | 000,161,494 | ---- | M] () -- C:\Users\Lucie\Documents\Seznam témat OP (2014-15).pdf
[2015/04/18 15:50:36 | 000,146,881 | ---- | M] () -- C:\Users\Lucie\Documents\Seznam témat AJ (2014-15).pdf
[2015/04/15 14:05:21 | 006,602,256 | ---- | M] () -- C:\Users\Lucie\Desktop\2. I AM - Output - Stereo Out.mp3
[2015/04/15 14:05:08 | 002,639,232 | ---- | M] () -- C:\Users\Lucie\Desktop\1. INTRO - Output - Stereo Out.mp3
[2015/04/15 14:04:58 | 002,473,610 | ---- | M] () -- C:\Users\Lucie\Desktop\ATT_1425490897616_Lord Lhus voorbeeld 2.mp3
[2015/04/15 14:04:48 | 008,954,388 | ---- | M] () -- C:\Users\Lucie\Desktop\10. CHRISTPHOBIA.mp3
[2015/04/15 11:24:17 | 011,142,612 | ---- | M] () -- C:\Users\Lucie\Desktop\3. GRAVEDIGGIN' - Output - Stereo Out.mp3
[2015/04/15 11:24:13 | 010,427,472 | ---- | M] () -- C:\Users\Lucie\Desktop\9. ANOTHER HORROR STORY.mp3
[2015/04/15 11:24:09 | 010,364,832 | ---- | M] () -- C:\Users\Lucie\Desktop\12. STRINGS OF STRANGULATION.mp3
[2015/04/15 11:24:00 | 009,895,032 | ---- | M] () -- C:\Users\Lucie\Desktop\11. SOULLES DURING THE SOLSTICE.mp3
[2015/04/15 11:23:56 | 007,994,952 | ---- | M] () -- C:\Users\Lucie\Desktop\6. I SPIT ON YOUR GRAVE - Output - Stereo Out.mp3
[2015/04/15 11:23:51 | 007,427,016 | ---- | M] () -- C:\Users\Lucie\Desktop\13. UNDER STANDING.mp3
[2015/04/15 11:23:45 | 006,664,896 | ---- | M] () -- C:\Users\Lucie\Desktop\5. TORTURE MUSIC - Output - Stereo Out.mp3
[2015/04/15 11:22:26 | 008,479,368 | ---- | M] () -- C:\Users\Lucie\Desktop\8. ACAB ft. JACE ABSTRACT.mp3
[2015/04/14 09:38:00 | 000,064,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/04/14 09:37:42 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/04/14 01:24:21 | 000,792,056 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2015/04/14 01:24:21 | 000,178,168 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2015/04/13 22:50:18 | 002,373,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2015/04/13 22:50:18 | 000,891,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2015/04/13 22:50:18 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2015/04/13 22:50:18 | 000,408,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2015/04/13 22:50:18 | 000,267,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2015/04/13 22:50:18 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2015/04/13 22:50:18 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2015/04/13 22:50:18 | 000,133,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2015/04/13 22:50:18 | 000,124,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2015/04/13 22:50:18 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2015/04/13 22:50:18 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2015/04/13 22:50:18 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2015/04/13 22:50:18 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2015/04/13 22:50:18 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2015/04/13 22:50:18 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2015/04/13 22:50:18 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2015/04/13 22:50:18 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wu.upgrade.ps.dll
[2015/04/12 20:57:56 | 000,007,597 | ---- | M] () -- C:\Users\Lucie\AppData\Local\resmon.resmoncfg
[2015/04/09 21:30:25 | 346,516,884 | ---- | M] () -- C:\Users\Lucie\Desktop\lhus olomouc show.rar
[2015/04/08 17:54:18 | 000,780,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2015/04/04 10:57:20 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\Pillars of Eternity.lnk
========== Files Created - No Company Name ==========
[2015/05/04 09:01:38 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015/05/03 18:54:28 | 000,001,106 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015/05/03 18:43:35 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2015/05/03 18:31:51 | 001,305,600 | ---- | C] () -- C:\Users\Lucie\Desktop\zoek.exe
[2015/05/03 18:11:22 | 002,204,160 | ---- | C] () -- C:\Users\Lucie\Desktop\adwcleaner_4.203.exe
[2015/05/03 17:58:19 | 000,124,211 | ---- | C] () -- C:\Users\Lucie\Desktop\1.jpg
[2015/05/03 17:21:39 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\Play Dragon Age Inquisition.lnk
[2015/05/03 17:21:39 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\Pillars of Eternity.lnk
[2015/05/02 09:48:23 | 000,000,540 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den city.aren
[2015/05/02 09:45:05 | 000,000,544 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den 8.aren
[2015/05/02 09:42:42 | 000,000,572 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den1.aren
[2015/05/02 09:40:50 | 000,000,564 | ---- | C] () -- C:\Users\Lucie\Rok měsíc den.aren
[2015/05/02 09:35:20 | 000,001,035 | ---- | C] () -- C:\Users\Lucie\Desktop\Advanced Renamer.lnk
[2015/05/01 14:47:21 | 007,616,135 | ---- | C] () -- C:\Users\Lucie\Desktop\heaven 30.04.2015.rar
[2015/04/30 23:15:11 | 000,410,017 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/04/28 08:37:10 | 000,000,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
[2015/04/22 14:18:14 | 002,653,238 | ---- | C] () -- C:\Users\Lucie\Desktop\Anna Sabašová vizitk.JPG
[2015/04/21 22:10:00 | 000,001,058 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2015/04/21 22:09:48 | 000,001,137 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2015/04/18 18:27:50 | 000,001,360 | ---- | C] () -- C:\Users\Lucie\Desktop\Disk Cleaner.lnk
[2015/04/18 15:50:41 | 000,161,494 | ---- | C] () -- C:\Users\Lucie\Documents\Seznam témat OP (2014-15).pdf
[2015/04/18 15:50:36 | 000,146,881 | ---- | C] () -- C:\Users\Lucie\Documents\Seznam témat AJ (2014-15).pdf
[2015/04/16 16:53:11 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/16 16:53:11 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/15 14:05:08 | 002,639,232 | ---- | C] () -- C:\Users\Lucie\Desktop\1. INTRO - Output - Stereo Out.mp3
[2015/04/15 14:04:58 | 002,473,610 | ---- | C] () -- C:\Users\Lucie\Desktop\ATT_1425490897616_Lord Lhus voorbeeld 2.mp3
[2015/04/15 14:04:48 | 008,954,388 | ---- | C] () -- C:\Users\Lucie\Desktop\10. CHRISTPHOBIA.mp3
[2015/04/15 11:24:17 | 011,142,612 | ---- | C] () -- C:\Users\Lucie\Desktop\3. GRAVEDIGGIN' - Output - Stereo Out.mp3
[2015/04/15 11:23:55 | 007,994,952 | ---- | C] () -- C:\Users\Lucie\Desktop\6. I SPIT ON YOUR GRAVE - Output - Stereo Out.mp3
[2015/04/15 11:23:51 | 007,427,016 | ---- | C] () -- C:\Users\Lucie\Desktop\13. UNDER STANDING.mp3
[2015/04/15 11:22:54 | 006,664,896 | ---- | C] () -- C:\Users\Lucie\Desktop\5. TORTURE MUSIC - Output - Stereo Out.mp3
[2015/04/15 11:22:50 | 010,427,472 | ---- | C] () -- C:\Users\Lucie\Desktop\9. ANOTHER HORROR STORY.mp3
[2015/04/15 11:22:46 | 006,602,256 | ---- | C] () -- C:\Users\Lucie\Desktop\2. I AM - Output - Stereo Out.mp3
[2015/04/15 11:22:39 | 009,895,032 | ---- | C] () -- C:\Users\Lucie\Desktop\11. SOULLES DURING THE SOLSTICE.mp3
[2015/04/15 11:22:33 | 010,364,832 | ---- | C] () -- C:\Users\Lucie\Desktop\12. STRINGS OF STRANGULATION.mp3
[2015/04/15 11:22:26 | 008,479,368 | ---- | C] () -- C:\Users\Lucie\Desktop\8. ACAB ft. JACE ABSTRACT.mp3
[2015/04/09 21:29:48 | 346,516,884 | ---- | C] () -- C:\Users\Lucie\Desktop\lhus olomouc show.rar
[2015/03/01 16:00:02 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2015/02/25 02:22:43 | 000,003,736 | ---- | C] () -- C:\Users\Lucie\.ganttproject
[2015/01/29 22:46:18 | 000,082,064 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01cz.exe
[2014/12/04 11:20:54 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/12/04 11:15:29 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/11/29 20:25:41 | 000,007,597 | ---- | C] () -- C:\Users\Lucie\AppData\Local\resmon.resmoncfg
[2014/10/01 20:54:10 | 000,183,808 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/10/01 20:54:10 | 000,143,360 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/09/24 09:24:06 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/08/22 17:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 17:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 16:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 09:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 01:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/22 01:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
========== ZeroAccess Check ==========
[2014/11/30 23:13:23 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/02/12 19:40:58 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/02/12 19:34:06 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/12/04 11:16:54 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/12/04 11:19:54 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/12/04 11:16:53 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2015/04/03 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\.mono
[2015/01/29 22:46:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\CAD-KAS
[2015/04/05 18:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DAEMON Tools Lite
[2015/05/03 10:55:50 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\eM Client
[2015/05/02 09:35:32 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2015/02/24 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Kakao
[2014/12/04 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Leadertech
[2014/11/30 14:06:23 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Origin
[2015/05/02 09:34:37 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2014/11/29 15:49:24 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/04/03 15:07:26 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Steam
[2015/04/21 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\uTorrent
========== Purity Check ==========
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
========== Custom Scans ==========
< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/09/24 09:24:11 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/09/24 09:24:11 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/09/24 09:23:47 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/09/24 09:23:47 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2015/03/13 14:38:47 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/12/07 13:50:51 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/03/13 14:45:13 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/12/07 13:50:49 | 000,406,070 | ---- | M] () MD5=76F6C93DAB026F37CBAA577B16597B08 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014/12/08 11:26:02 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/12/08 11:25:57 | 000,350,621 | ---- | M] () MD5=C77F19C2FD32D2C15FD8978D0A3BAF70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe
< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/12/07 13:52:49 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
< MD5 for: SCECLI.DLL >
[2014/12/08 11:43:17 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2014/12/07 19:11:33 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/12/04 11:17:56 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/12/04 11:17:56 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/12/04 11:20:24 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/12/04 11:20:24 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
< MD5 for: SERVICES.EXE >
[2014/12/04 11:14:54 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\WINDOWS\SysNative\services.exe
[2014/12/04 11:14:54 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17415_none_3023c055d060b271\services.exe
[2014/12/07 19:10:08 | 000,099,046 | ---- | M] () MD5=6B5BDEEB170D0DA2C56753F0347809DD -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
< MD5 for: SVCHOST.EXE >
[2015/04/14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2014/12/08 12:22:48 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014/12/07 19:12:56 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/12/04 11:21:01 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/12/04 11:21:01 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/12/04 11:14:58 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/12/04 11:14:58 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/12/07 19:20:31 | 000,473,264 | ---- | M] () MD5=122DA4EAB49C5DEDC6FA7522DFD097DC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/12/07 19:20:35 | 000,471,619 | ---- | M] () MD5=21A6C07B0C0449A4FA5619DAFA5A5D38 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/12/13 22:20:09 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/12/13 22:20:09 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17485_none_a3dd5dc53a5c7789\tcpip.sys
[2014/12/14 13:56:36 | 000,001,784 | ---- | M] () MD5=7F247B320FA5BA3826A8AFDD3E00CD91 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/12/07 19:20:39 | 000,407,855 | ---- | M] () MD5=95D42967ED3B11A56EE2ABD583FF5146 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2014/12/07 19:20:43 | 000,409,864 | ---- | M] () MD5=D0C41590A1BCB4C0BD592D8AB976FE2F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
< MD5 for: USERINIT.EXE >
[2014/12/07 19:38:02 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014/12/08 12:27:04 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/12/04 11:15:03 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/12/04 11:15:03 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/12/04 11:21:02 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/12/04 11:21:02 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
< MD5 for: WINLOGON.EXE >
[2015/04/14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/12/07 23:24:37 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/12/04 11:17:55 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/12/04 11:17:55 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2015/04/03 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\.mono
[2014/12/02 00:01:02 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Adobe
[2014/11/29 12:30:14 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Apple Computer
[2015/01/29 22:46:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\CAD-KAS
[2015/04/05 18:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DAEMON Tools Lite
[2015/04/21 21:52:48 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DivX
[2015/02/11 01:22:44 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\dvdcss
[2015/05/03 10:55:50 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\eM Client
[2015/05/02 09:35:32 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2014/11/29 20:09:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Identities
[2015/02/24 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Kakao
[2014/12/04 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Leadertech
[2014/11/29 12:01:02 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Macromedia
[2015/01/07 22:16:45 | 000,000,000 | --SD | M] -- C:\Users\Lucie\AppData\Roaming\Microsoft
[2014/11/29 15:48:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\NVIDIA
[2014/11/30 14:06:23 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Origin
[2015/05/02 09:34:37 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2015/04/19 21:13:03 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Skype
[2014/11/29 15:49:24 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/04/03 15:07:26 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Steam
[2015/04/21 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\uTorrent
[2015/04/19 21:50:52 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\vlc
[2014/11/29 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2015/01/04 19:14:37 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Lucie\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2015/01/25 00:09:07 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\uTorrent.exe
[2014/12/05 09:21:24 | 001,682,512 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\updates\3.4.2_36802.exe
[2015/01/25 00:09:07 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2015/05/03 18:04:54 | 000,000,031 | ---- | M] () -- C:\WINDOWS\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< *keygen* /s >
[2015/03/23 17:52:06 | 000,030,548 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\keygeneric.unity3d
< *loader* /s >
[2015/01/30 20:49:29 | 000,019,765 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lucie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\configLoader.js.vir
[2015/01/30 20:49:29 | 000,002,597 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lucie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\scriptLoader.js.vir
[2015/01/20 00:29:08 | 002,158,880 | ---- | M] () -- \FRST\Quarantine\C\Program Files (x86)\IObit\IObit Uninstaller\Downloader.exe
[2015/01/16 17:19:22 | 002,161,440 | ---- | M] () -- \FRST\Quarantine\C\Program Files (x86)\IObit\Smart Defrag 4\ActionCenterDownloader.exe
[2012/02/23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2014/09/03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/11 17:41:12 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2012/07/11 17:41:14 | 000,026,346 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/11 17:41:14 | 000,121,968 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011/05/06 01:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/06 01:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/06 01:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2014/06/10 17:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014/06/10 17:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014/06/10 17:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014/06/10 17:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/12/10 03:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014/11/11 20:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2012/03/13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012/03/13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2014/09/03 01:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/29 19:45:50 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2012/07/29 19:45:50 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2012/07/29 19:45:50 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2012/07/29 19:45:50 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2012/07/29 19:45:50 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2012/07/29 19:45:50 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2012/07/29 19:45:50 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2012/07/29 19:45:50 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2012/07/29 19:45:50 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2012/07/29 19:45:50 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2012/07/29 19:45:50 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2012/07/29 19:45:50 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2012/07/29 19:45:50 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2012/07/29 19:45:50 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2012/07/29 19:45:50 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2012/07/29 19:45:50 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2014/09/24 08:58:16 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.303_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:39:30 | 000,001,338 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2014/11/30 23:39:31 | 000,011,300 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xbf
[2014/11/30 23:39:31 | 000,002,178 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xbf
[2014/11/30 23:40:04 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:42:12 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:34:05 | 000,011,287 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xbf
[2014/11/30 23:34:13 | 000,001,262 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Pages\LoaderPage.xbf
[2014/09/24 08:59:55 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2014/09/24 08:59:56 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2014/09/24 08:59:56 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2014/09/24 09:00:43 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/08/27 22:41:31 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2015/05/03 14:42:39 | 000,884,800 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2015/04/16 16:44:22 | 000,000,742 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader_1.log
[2015/05/02 19:51:46 | 000,005,859 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Toolbox_Downloader.log
[2015/05/03 14:42:39 | 000,884,800 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2015/04/16 16:44:22 | 000,000,742 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader_1.log
[2015/05/02 19:51:46 | 000,005,859 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Toolbox_Downloader.log
[2014/12/15 17:26:30 | 000,072,638 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/12/15 17:26:30 | 000,003,032 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\loader.png
[2014/12/15 17:26:30 | 000,006,012 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/12/15 17:26:30 | 000,021,956 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/12/15 17:26:30 | 000,009,772 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/12/01 13:32:35 | 000,017,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\bc1d11f57f24a0dd64d67b5ebe84e8ff\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/12/01 13:32:35 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\bc1d11f57f24a0dd64d67b5ebe84e8ff\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2013/05/09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014/11/29 19:29:29 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.CLRLoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/09/24 12:11:16 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/09/24 12:11:15 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/09/24 12:11:20 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/09/24 12:11:19 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/09/24 12:11:25 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/09/24 12:11:24 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2014/12/07 13:41:42 | 000,010,089 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2014/12/04 11:17:05 | 000,050,688 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_36ff16d863604256\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/09/24 09:26:14 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2014/09/24 12:15:57 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.efi.mui_35ee487d
[2014/09/24 12:15:57 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.exe.mui_3bc5b827
[2014/09/24 12:15:57 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.efi.mui_f412814e
[2014/09/24 12:15:58 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.exe.mui_ff8b5358
[2014/09/24 09:34:30 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/09/24 12:16:00 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/09/24 12:16:02 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/09/24 12:16:03 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/09/24 12:16:04 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2015/05/03 17:48:06 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2014/09/24 08:31:35 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014/09/24 09:21:05 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2014/09/24 09:21:07 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/24 09:31:44 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2015/05/03 17:29:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\Temp\PendingRenames\13395000b685d00117450000d8126414.programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2015/05/03 17:38:10 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\Temp\PendingRenames\56fed828b785d001b9770000d8126414.programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2014/12/08 11:55:26 | 000,008,359 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_dae07b54ab02d120\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll
< *AutoKMS* /s >
[2014/11/29 17:20:47 | 003,732,480 | ---- | M] () -- \FRST\Quarantine\C\Windows\AutoKMS\AutoKMS.exe
[2014/11/29 21:10:44 | 000,000,879 | ---- | M] () -- \FRST\Quarantine\C\Windows\AutoKMS\AutoKMS.log
[2015/02/23 20:25:07 | 000,003,858 | ---- | M] () -- \FRST\Quarantine\C\Windows\System32\Tasks\AutoKMS.xBAD
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Lucie\OneDrive:ms-properties
< End of report >
< >
[2013/08/22 16:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
< MD5 for: ATAPI.SYS >
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\drivers\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\WINDOWS\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_64aa4354da84c2df\atapi.sys
[2013/08/22 14:43:41 | 000,026,464 | ---- | M] (Microsoft Corporation) MD5=74B14192CF79A72F7536B27CB8814FBD -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.3.9600.16384_none_cdf68824f580d510\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2014/09/24 09:24:11 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\SysWOW64\autochk.exe
[2014/09/24 09:24:11 | 000,792,576 | ---- | M] (Microsoft Corporation) MD5=1D31E78ED5C40B5C6CC8D3DE713177A5 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_76c6a414dd35029f\autochk.exe
[2014/09/24 09:23:47 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\WINDOWS\SysNative\autochk.exe
[2014/09/24 09:23:47 | 000,890,880 | ---- | M] (Microsoft Corporation) MD5=387A1E98BE548E4F199343CBA01E9D6D -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.3.9600.17031_none_d2e53f98959273d5\autochk.exe
< MD5 for: CDROM.SYS >
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\drivers\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\WINDOWS\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_42e9c29f0affc440\cdrom.sys
[2013/08/22 10:46:35 | 000,164,352 | ---- | M] (Microsoft Corporation) MD5=C6796EA22B513E3457514D92DCDB1A3D -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.3.9600.16384_none_5067bbed77be70be\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2015/03/13 14:38:47 | 000,087,190 | ---- | M] () MD5=1BF154F7BFAE2B9E0545FB09946C1817 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_42bfa1f94d79e1bb\explorer.exe
[2014/12/07 13:50:51 | 000,395,976 | ---- | M] () MD5=45DD8FAA7B53ABD29BCB9BACABFFC818 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4272ee6f4db391ad\explorer.exe
[2015/03/13 14:45:13 | 000,107,122 | ---- | M] () MD5=52063502D4A2E28FEBEA781D0EE5C453 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17415_none_4d144c4b81daa3b6\explorer.exe
[2014/12/07 13:50:49 | 000,406,070 | ---- | M] () MD5=76F6C93DAB026F37CBAA577B16597B08 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_42a32f914d8ea09c\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\SysWOW64\explorer.exe
[2015/01/28 01:41:17 | 002,207,488 | ---- | M] (Microsoft Corporation) MD5=91E24273FCA076EA9E65DAFA98901225 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_4ce0410f82015c67\explorer.exe
[2014/12/08 11:26:02 | 000,338,811 | ---- | M] () MD5=9E110FC1BA4AB7CB5F2F9D27DB534223 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17284_none_4cc798c1821453a8\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\explorer.exe
[2015/01/28 01:47:12 | 002,501,368 | ---- | M] (Microsoft Corporation) MD5=C10A66189DC8C090E7C84873EDCEBC88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17667_none_428b96bd4da09a6c\explorer.exe
[2014/12/08 11:25:57 | 000,350,621 | ---- | M] () MD5=C77F19C2FD32D2C15FD8978D0A3BAF70 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.3.9600.17249_none_4cf7d9e381ef6297\explorer.exe
< MD5 for: HAL.DLL >
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\WINDOWS\SysNative\hal.dll
[2014/06/02 04:10:31 | 000,423,768 | ---- | M] (Microsoft Corporation) MD5=08DCA300264238F9AE941302321F3D54 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17196_none_9bde68c32da7abbb\hal.dll
[2014/12/07 13:52:49 | 000,024,467 | ---- | M] () MD5=2635F50EAF3E1B4A8D32B21E1203E130 -- C:\Windows\WinSxS\amd64_microsoft-windows-hal_31bf3856ad364e35_6.3.9600.17031_none_9c1a44f32d7b883b\hal.dll
< MD5 for: SCECLI.DLL >
[2014/12/08 11:43:17 | 000,042,572 | ---- | M] () MD5=22CDB04B964A8D34C42BB7ED150784F8 -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_3320ecb8e1733781\scecli.dll
[2014/12/07 19:11:33 | 000,045,911 | ---- | M] () MD5=878EBE290BED3EE6AC21BF4EE1458F67 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.16384_none_28cc4266ad127586\scecli.dll
[2014/12/04 11:17:56 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\WINDOWS\SysNative\scecli.dll
[2014/12/04 11:17:56 | 000,274,944 | ---- | M] (Microsoft Corporation) MD5=9A475B8F19A15BFDE8DF84E40ECAE8AA -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_2918dd42acd8e20e\scecli.dll
[2014/12/04 11:20:24 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\SysWOW64\scecli.dll
[2014/12/04 11:20:24 | 000,214,016 | ---- | M] (Microsoft Corporation) MD5=FB740FE549197E7B08021EF30327921D -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.3.9600.17415_none_336d8794e139a409\scecli.dll
< MD5 for: SERVICES.EXE >
[2014/12/04 11:14:54 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\WINDOWS\SysNative\services.exe
[2014/12/04 11:14:54 | 000,411,128 | ---- | M] (Microsoft Corporation) MD5=5BF02EBEFEDC706318C96E2E60EDCB91 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17415_none_3023c055d060b271\services.exe
[2014/12/07 19:10:08 | 000,099,046 | ---- | M] () MD5=6B5BDEEB170D0DA2C56753F0347809DD -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.3.9600.17084_none_2fd708ffd09a6815\services.exe
< MD5 for: SVCHOST.EXE >
[2015/04/14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\svchost.exe
[2014/12/08 12:22:48 | 000,007,517 | ---- | M] () MD5=73AA583D4FB0F05C313B38C091D94804 -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_4a5b1e2820e75323\svchost.exe
[2014/12/07 19:12:56 | 000,007,559 | ---- | M] () MD5=CFE97816CBBEF783FD8634109F1877D2 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.16384_none_a679b9abd944c459\svchost.exe
[2014/12/04 11:21:01 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\SysWOW64\svchost.exe
[2014/12/04 11:21:01 | 000,033,088 | ---- | M] (Microsoft Corporation) MD5=D0ABC231C0B3E88C6B612B28ABBF734D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_4aa7b90420adbfab\svchost.exe
[2014/12/04 11:14:58 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\WINDOWS\SysNative\svchost.exe
[2014/12/04 11:14:58 | 000,038,792 | ---- | M] (Microsoft Corporation) MD5=E3A2AD05E24105B35E986CF9CB38EC47 -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.3.9600.17415_none_a6c65487d90b30e1\svchost.exe
< MD5 for: TCPIP.SYS >
[2014/12/07 19:20:31 | 000,473,264 | ---- | M] () MD5=122DA4EAB49C5DEDC6FA7522DFD097DC -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17136_none_a41467f93a330db6\tcpip.sys
[2014/12/07 19:20:35 | 000,471,619 | ---- | M] () MD5=21A6C07B0C0449A4FA5619DAFA5A5D38 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17238_none_a4166a733a313d8b\tcpip.sys
[2014/12/13 22:20:09 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\WINDOWS\SysNative\drivers\tcpip.sys
[2014/12/13 22:20:09 | 002,485,056 | ---- | M] (Microsoft Corporation) MD5=3C2DF97A21A9BBE6355B0A51F288EFFF -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17485_none_a3dd5dc53a5c7789\tcpip.sys
[2014/12/14 13:56:36 | 000,001,784 | ---- | M] () MD5=7F247B320FA5BA3826A8AFDD3E00CD91 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17415_none_a4290d393a23b3f2\tcpip.sys
[2014/12/07 19:20:39 | 000,407,855 | ---- | M] () MD5=95D42967ED3B11A56EE2ABD583FF5146 -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17278_none_a3eb2ac33a51ad4f\tcpip.sys
[2014/12/07 19:20:43 | 000,409,864 | ---- | M] () MD5=D0C41590A1BCB4C0BD592D8AB976FE2F -- C:\Windows\WinSxS\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.3.9600.17336_none_a4146bc53a330804\tcpip.sys
< MD5 for: USERINIT.EXE >
[2014/12/07 19:38:02 | 000,002,671 | ---- | M] () MD5=061AC3BD7ADC5DCBA6AC0F23895266F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_cce71a20a5a6fe7f\userinit.exe
[2014/12/08 12:27:04 | 000,004,269 | ---- | M] () MD5=1AE98168631581DE1343C3A87A6CBCA9 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.16384_none_70c87e9ced498d49\userinit.exe
[2014/12/04 11:15:03 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\WINDOWS\SysNative\userinit.exe
[2014/12/04 11:15:03 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=5C131534A3EA4A461A793FB507A8004F -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_cd33b4fca56d6b07\userinit.exe
[2014/12/04 11:21:02 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\SysWOW64\userinit.exe
[2014/12/04 11:21:02 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=D10643FC0095434C819316CA6CD748C0 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.3.9600.17415_none_71151978ed0ff9d1\userinit.exe
< MD5 for: WINLOGON.EXE >
[2015/04/14 09:36:16 | 000,878,392 | ---- | M] (MalwareBytes) MD5=4518DD9A09B4FEF7DB3B13F0DDDDD36E -- C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\winlogon.exe
[2014/12/07 23:24:37 | 000,100,951 | ---- | M] () MD5=A176623494AF009927242266EF51DCFB -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17031_none_60b45365a8c2ccdb\winlogon.exe
[2014/12/04 11:17:55 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\WINDOWS\SysNative\winlogon.exe
[2014/12/04 11:17:55 | 000,572,416 | ---- | M] (Microsoft Corporation) MD5=EC498BAE1F0D3E0E401C963F8D76C437 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.3.9600.17415_none_60cdfbfda8aeeef1\winlogon.exe
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2015/04/03 15:07:47 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\.mono
[2014/12/02 00:01:02 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Adobe
[2014/11/29 12:30:14 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Apple Computer
[2015/01/29 22:46:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\CAD-KAS
[2015/04/05 18:37:16 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DAEMON Tools Lite
[2015/04/21 21:52:48 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\DivX
[2015/02/11 01:22:44 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\dvdcss
[2015/05/03 10:55:50 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\eM Client
[2015/05/02 09:35:32 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Hulubulu
[2014/11/29 20:09:28 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Identities
[2015/02/24 15:29:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Kakao
[2014/12/04 16:03:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Leadertech
[2014/11/29 12:01:02 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Macromedia
[2015/01/07 22:16:45 | 000,000,000 | --SD | M] -- C:\Users\Lucie\AppData\Roaming\Microsoft
[2014/11/29 15:48:41 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\NVIDIA
[2014/11/30 14:06:23 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Origin
[2015/05/02 09:34:37 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Rename Expert
[2015/04/19 21:13:03 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Skype
[2014/11/29 15:49:24 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2015/04/03 15:07:26 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\Steam
[2015/04/21 21:52:22 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\uTorrent
[2015/04/19 21:50:52 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\vlc
[2014/11/29 12:42:00 | 000,000,000 | ---D | M] -- C:\Users\Lucie\AppData\Roaming\WinRAR
< %APPDATA%\*.exe /s >
[2015/01/04 19:14:37 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Lucie\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2015/01/25 00:09:07 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\uTorrent.exe
[2014/12/05 09:21:24 | 001,682,512 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\updates\3.4.2_36802.exe
[2015/01/25 00:09:07 | 001,374,032 | ---- | M] (BitTorrent Inc.) -- C:\Users\Lucie\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2015/05/03 18:04:54 | 000,000,031 | ---- | M] () -- C:\WINDOWS\system32\log.txt
< %SYSTEMDRIVE%\*.exe >
< *keygen* /s >
[2015/03/23 17:52:06 | 000,030,548 | ---- | M] () -- \GOG Games\Pillars of Eternity\PillarsOfEternity_Data\assetbundles\prefabs\objectbundle\keygeneric.unity3d
< *loader* /s >
[2015/01/30 20:49:29 | 000,019,765 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lucie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\configLoader.js.vir
[2015/01/30 20:49:29 | 000,002,597 | ---- | M] () -- \AdwCleaner\Quarantine\C\Users\Lucie\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja\2.1.0.23_0\js\scriptLoader.js.vir
[2015/01/20 00:29:08 | 002,158,880 | ---- | M] () -- \FRST\Quarantine\C\Program Files (x86)\IObit\IObit Uninstaller\Downloader.exe
[2015/01/16 17:19:22 | 002,161,440 | ---- | M] () -- \FRST\Quarantine\C\Program Files (x86)\IObit\Smart Defrag 4\ActionCenterDownloader.exe
[2012/02/23 00:11:56 | 000,078,336 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll
[2012/02/23 00:11:56 | 000,155,136 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll
[2012/02/23 00:11:56 | 000,117,248 | ---- | M] () -- \Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll
[2014/09/03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/11 17:41:12 | 000,126,064 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\Koan\pyloader.dll
[2012/07/11 17:41:14 | 000,026,346 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\PyImpLoader.kc
[2012/07/11 17:41:14 | 000,121,968 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PK\subsys\PyImpLoader\_PyImpLoader.pyd
[2011/05/06 01:35:06 | 000,010,775 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\mm\MediaCtrl\ImageLoader.kc
[2011/05/06 01:35:08 | 000,003,567 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\langloader.kc
[2011/05/06 01:35:08 | 000,013,369 | ---- | M] () -- \Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cox\widget\layoutloader.kc
[2014/06/10 17:42:34 | 000,065,344 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader.dll
[2014/06/10 17:42:34 | 000,067,904 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXLoader64.dll
[2014/06/10 17:42:30 | 000,070,464 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader.dll
[2014/06/10 17:42:30 | 000,085,312 | ---- | M] () -- \Program Files (x86)\NVIDIA Corporation\PhysX\Common\PhysXUpdateLoader64.dll
[2014/12/10 03:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014/11/11 20:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2012/03/13 13:10:54 | 003,297,128 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\Photodownloader.exe
[2012/03/13 11:42:26 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,011,161 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\combined_bitmaps\main_window\C_LoadError.png
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\da_dk\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\de_de\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\en_us\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\es_es\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fi_fi\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\fr_fr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\it_it\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ja_jp\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\ko_kr\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\nl_nl\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\no_no\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\pt_br\Photodownloader.ini
[2012/03/13 11:42:28 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\sv_se\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,324 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_cn\Photodownloader.ini
[2012/03/13 11:42:30 | 000,000,011 | ---- | M] () -- \Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\photodownloader\apd\shared_assets\locales\zh_tw\Photodownloader.ini
[2014/09/03 01:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2012/07/29 19:45:50 | 000,003,282 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-100.png
[2012/07/29 19:45:50 | 000,003,471 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_01.scale-140.png
[2012/07/29 19:45:50 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-100.png
[2012/07/29 19:45:50 | 000,003,447 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_02.scale-140.png
[2012/07/29 19:45:50 | 000,003,290 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-100.png
[2012/07/29 19:45:50 | 000,003,450 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_03.scale-140.png
[2012/07/29 19:45:50 | 000,003,307 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-100.png
[2012/07/29 19:45:50 | 000,003,478 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_04.scale-140.png
[2012/07/29 19:45:50 | 000,003,272 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-100.png
[2012/07/29 19:45:50 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_05.scale-140.png
[2012/07/29 19:45:50 | 000,003,303 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-100.png
[2012/07/29 19:45:50 | 000,003,458 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_06.scale-140.png
[2012/07/29 19:45:50 | 000,003,286 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-100.png
[2012/07/29 19:45:50 | 000,003,469 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_07.scale-140.png
[2012/07/29 19:45:50 | 000,003,298 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-100.png
[2012/07/29 19:45:50 | 000,003,456 | ---- | M] () -- \Program Files\WindowsApps\AcerIncorporated.PackardBellExplorer_1.0.0.3002_neutral__48frkmn4z8aw4\Data\UISource\loader_08.scale-140.png
[2014/09/24 08:58:16 | 000,000,856 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.303_x64__8wekyb3d8bbwe\js\HtmlFileLoader.js
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:39:30 | 000,001,338 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\LoaderPage.xbf
[2014/11/30 23:39:31 | 000,011,300 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderPage.xbf
[2014/11/30 23:39:31 | 000,002,178 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\StandartPreloaderControl.xbf
[2014/11/30 23:40:04 | 000,001,290 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\ApplicationLoader.xbf
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:42:12 | 000,004,686 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.5.1411.701_x86__8wekyb3d8bbwe\MvvmStructure\View\Controls\PreloaderControl.xbf
[2014/11/30 23:32:52 | 000,038,912 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.AudioLoader.winmd
[2014/11/30 23:32:52 | 000,032,768 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.dll
[2014/11/30 23:32:52 | 000,002,560 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Arkadium.SharpDXEngine.DDSLoader.winmd
[2014/11/30 23:34:05 | 000,011,287 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Controls\PreloaderPage.xbf
[2014/11/30 23:34:13 | 000,001,262 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.Taptiles_2.4.1412.201_x86__8wekyb3d8bbwe\Pages\LoaderPage.xbf
[2014/09/24 08:59:55 | 000,001,160 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernpeople\appframe\backgroundloader.js
[2014/09/24 08:59:56 | 000,004,996 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernshareanything\sharedataloader.js
[2014/09/24 08:59:56 | 000,002,125 | ---- | M] () -- \Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\modernsharetarget\sharemaildataloader.js
[2014/09/24 09:00:43 | 000,043,128 | ---- | M] () -- \Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe\Framework\imageLoader.js
[2014/08/27 22:41:31 | 000,061,528 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2015/05/03 14:42:39 | 000,884,800 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader.log
[2015/04/16 16:44:22 | 000,000,742 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Downloader_1.log
[2015/05/02 19:51:46 | 000,005,859 | ---- | M] () -- \ProgramData\IObit\ASCDownloader\Toolbox_Downloader.log
[2015/05/03 14:42:39 | 000,884,800 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader.log
[2015/04/16 16:44:22 | 000,000,742 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Downloader_1.log
[2015/05/02 19:51:46 | 000,005,859 | ---- | M] () -- \Users\All Users\IObit\ASCDownloader\Toolbox_Downloader.log
[2014/12/15 17:26:30 | 000,072,638 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\loader.gif
[2014/12/15 17:26:30 | 000,003,032 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\loader.png
[2014/12/15 17:26:30 | 000,006,012 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\normal\loader_15fps.gif
[2014/12/15 17:26:30 | 000,021,956 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\normal\loader_30fps.gif
[2014/12/15 17:26:30 | 000,009,772 | ---- | M] () -- \Users\Lucie\AppData\Local\Skype\Apps\login\images\retina\loader@2x.png
[2014/12/01 13:32:35 | 000,017,920 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\bc1d11f57f24a0dd64d67b5ebe84e8ff\Microsoft.Office.InfoPath.CLRLoader.ni.dll
[2014/12/01 13:32:35 | 000,000,696 | ---- | M] () -- \Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.O29577370#\bc1d11f57f24a0dd64d67b5ebe84e8ff\Microsoft.Office.InfoPath.CLRLoader.ni.dll.aux
[2013/05/09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,019,048 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,364,128 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013/05/09 02:43:22 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2012/10/01 21:34:40 | 000,268,384 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00005109110000000100000000F01FEC\15.0.4420\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2014/11/29 19:29:29 | 000,015,528 | ---- | M] () -- \Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Office.InfoPath.CLRLoader\v4.0_15.0.0.0__71e9bce111e9429c\Microsoft.Office.InfoPath.CLRLoader.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\System32\api-ms-win-core-stringloader-l1-1-1.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\System32\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-stringloader-l1-1-1.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\SysWOW64\downlevel\api-ms-win-core-stringloader-l1-1-1.dll
[2014/09/24 12:11:16 | 000,592,677 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.efi
[2014/09/24 12:11:15 | 000,536,051 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.16384_none_210fb36c397c4e2b\hvloader.exe
[2014/09/24 12:11:20 | 000,598,463 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.efi
[2014/09/24 12:11:19 | 000,542,292 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17031_none_2142a5b03956989d\hvloader.exe
[2014/09/24 12:11:25 | 000,598,454 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.efi
[2014/09/24 12:11:24 | 000,542,288 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-hyper-v-drivers-hypervisor_31bf3856ad364e35_6.3.9600.17039_none_214aa800394f6355\hvloader.exe
[2014/12/07 13:41:42 | 000,010,089 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_36b27bfc6399d5ce\dmloader.dll
[2014/12/04 11:17:05 | 000,050,688 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_36ff16d863604256\dmloader.dll
[2013/08/22 15:25:37 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:37 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:36 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 13:45:31 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 13:45:33 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 13:45:35 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 13:45:30 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 13:45:40 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 13:45:44 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_fb7050014fc6f9b0\api-ms-win-core-stringloader-l1-1-1.dll
[2014/09/24 09:26:14 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2014/09/24 12:15:57 | 000,009,321 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.efi.mui_35ee487d
[2014/09/24 12:15:57 | 000,009,332 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winload.exe.mui_3bc5b827
[2014/09/24 12:15:57 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.efi.mui_f412814e
[2014/09/24 12:15:58 | 000,007,774 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759_winresume.exe.mui_ff8b5358
[2014/09/24 09:34:30 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2014/09/24 12:16:00 | 000,724,249 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.efi_75834aa0
[2014/09/24 12:16:02 | 000,660,625 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winload.exe_75835076
[2014/09/24 12:16:03 | 000,646,411 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.efi_85cd069f
[2014/09/24 12:16:04 | 000,587,303 | ---- | M] () -- \Windows\WinSxS\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd_winresume.exe_85cd1215
[2015/05/03 17:48:06 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2013/08/22 17:34:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\FileMaps\programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2014/09/24 08:31:35 | 000,000,459 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.16384_en-us_67571a10b7fadce7.manifest
[2014/09/24 09:21:05 | 000,000,462 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.3.9600.17031_en-us_678a0c54b7d52759.manifest
[2013/08/22 17:22:38 | 000,000,542 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.16384_none_4be51a3d409de6bc.manifest
[2014/09/24 09:21:07 | 000,000,545 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17031_none_4c180c814078312e.manifest
[2014/09/24 09:31:44 | 000,000,547 | ---- | M] () -- \Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.3.9600.17238_none_4c1f12534071dcdd.manifest
[2015/05/03 17:29:52 | 000,000,596 | ---- | M] () -- \Windows\WinSxS\Temp\PendingRenames\13395000b685d00117450000d8126414.programdata_microsoft_network_downloader_7fafaef6d33e4371.cdf-ms
[2015/05/03 17:38:10 | 000,000,616 | ---- | M] () -- \Windows\WinSxS\Temp\PendingRenames\56fed828b785d001b9770000d8126414.programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2014/12/08 11:55:26 | 000,008,359 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.16384_none_da93e078ab3c6498\dmloader.dll
[2014/12/04 11:16:40 | 000,041,472 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.3.9600.17415_none_dae07b54ab02d120\dmloader.dll
[2013/08/22 15:25:39 | 000,003,584 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 15:25:39 | 000,003,072 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 15:25:38 | 000,002,560 | ---- | M] () -- \Windows\WinSxS\x86_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_5c049f379cb3e319\api-ms-win-core-stringloader-l1-1-1.dll
[2013/08/22 06:17:27 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/22 06:17:25 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-1-1.dll
[2013/08/22 06:17:24 | 000,003,584 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-l1-2-0.dll
[2013/08/22 06:17:20 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-libraryloader-private-l1-1-0.dll
[2013/08/22 06:17:34 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-0.dll
[2013/08/22 06:17:33 | 000,002,560 | -H-- | M] () -- \Windows\WinSxS\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.3.9600.16384_none_9f51b47d9769887a\api-ms-win-core-stringloader-l1-1-1.dll
< *AutoKMS* /s >
[2014/11/29 17:20:47 | 003,732,480 | ---- | M] () -- \FRST\Quarantine\C\Windows\AutoKMS\AutoKMS.exe
[2014/11/29 21:10:44 | 000,000,879 | ---- | M] () -- \FRST\Quarantine\C\Windows\AutoKMS\AutoKMS.log
[2015/02/23 20:25:07 | 000,003,858 | ---- | M] () -- \FRST\Quarantine\C\Windows\System32\Tasks\AutoKMS.xBAD
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
========== Alternate Data Streams ==========
@Alternate Data Stream - 220 bytes -> C:\Users\Lucie\OneDrive:ms-properties
< End of report >
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
OTL Extras logfile created on: 4. 5. 2015 9:00:16 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucie\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy
3,82 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 65,76% Memory free
4,76 Gb Paging File | 3,30 Gb Available in Paging File | 69,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,75 Gb Total Space | 759,98 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Computer Name: HOME | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03406091-FACC-49D3-BF53-6E7421498070}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0727A671-CA00-4577-919C-B37D5978BB4C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13E97EFB-A977-46CC-ABF7-B6D7D4D9D57A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{20B2604B-907D-4E74-8AC0-78A93CA343A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3A275F36-A8BC-442D-8A3B-03D5329D0A5E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B624C0B-A24B-4CA0-974F-275950713463}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7733489A-F906-435F-92DA-DADCE026008A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{89EE5AA1-4776-4088-8A4F-2D7F752625B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BDAB344-4911-4681-A636-AA6D879383F2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AAACF5A6-BCB8-4404-95EE-7E944AFB58CD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{B6B21554-F827-46C3-AD66-3C3C828DD154}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A50493-68AA-4EBB-B9C0-D08378F48ED7}" = protocol=6 | dir=out | app=system |
"{01998957-0A06-44FD-9605-163E9663B5BF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{050A3050-0EF1-4EDE-ADF8-CE7B184F4BB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{08BE9349-2016-4703-A039-1BAFC1095AA1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{0A66E025-547A-4A34-BE2B-DE0C947C6C57}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0F95F21D-D171-4CF2-914E-714B3C0BE9B1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{11F98FA8-B0E8-41F3-BADC-C3D4A4B142BB}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{15F61F15-0AC5-4397-87D2-6A0F2B80FC02}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1D44B0ED-A5A0-442F-918D-ADD018B29F72}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1E6869EF-B23D-478E-9BE0-80D8187074E4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1F43D697-8FEA-4B21-A464-C277CCDEF281}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{25E2F246-C8BB-4290-8897-B43A897D1EA2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2811EB2C-CE03-4D68-A6B5-0DA05F55FFBD}" = dir=out | name=juniper networks junos pulse |
"{2CF470A8-16B7-4041-8F85-6DE6AEA686BE}" = dir=in | name=juniper networks junos pulse |
"{3AA21F33-C414-42AB-A184-E9FC45BB3ED3}" = dir=out | name=windows_ie_ac_001 |
"{3FFC97E9-3EE8-45D7-B869-C04466461FBA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{41C0C6A3-43B6-4BD6-9F5C-C122A02E408E}" = dir=out | name=@{microsoft.zunemusic_2.6.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{421A39E8-BC2B-4CAB-A556-8055E46D4BE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{442F9577-C5CB-4370-94B7-F13E10E048EF}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{467196D0-A5CA-42F7-9B30-78B8C6AA84F3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4B52A3D0-D37F-4082-B4B0-39E8B4F1F1F4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4E6AF33A-5604-4A73-8EFD-D92D43692224}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4ECEE6A7-F69E-4AB4-BD52-38BFA9E6A45F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5132F4E3-2213-4BE4-89C6-F46EB58BE9AE}" = dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{521D709D-EA9E-475D-A56B-35648B741DF5}" = protocol=17 | dir=in | app=c:\program files (x86)\the sims 4\game\bin\ts4.exe |
"{544F5667-37D7-40A7-9F21-67304DF50466}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57C2B022-52F8-4854-ABD5-FA752930A2E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5B4FCDA3-61A4-45CF-9236-C4937FC4226B}" = dir=out | name=sonicwall mobile connect |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F7E3B57-5892-4F9E-9763-E7F0ECC1E19A}" = dir=in | name=sonicwall mobile connect |
"{61940156-5F89-4C1D-8641-E81FB3DB2FDA}" = dir=out | name=check point vpn |
"{63A17499-2F9C-4081-A7DF-1D47D1461D3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C601068-72AA-4E97-84DE-C437671556EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{70530A9D-5FD1-4ACE-8DF2-AC84BF3F3CDF}" = protocol=17 | dir=in | app=c:\users\lucie\appdata\roaming\utorrent\utorrent.exe |
"{72D89600-8233-40FC-AED2-57C77522F9DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{763A28CE-7625-47C6-A25F-A66607CF1755}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{7A788AE9-17BF-44F6-9988-7B93A40B6577}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84E2C78A-D2DA-4E85-8F3B-E76D47E67BBE}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{8C5E4A6C-D432-43E9-AB23-21AA3079375B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{908F3472-9983-407A-AFC2-39A71B5EEE26}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{9B1DA09F-3BE5-4A56-B109-096725CFF3E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9B8EB2CD-2173-4B4A-970D-FA16DCFFF6A4}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9E13DE1E-3C7A-40AE-A395-890AE34B96CD}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A51A7C33-3A77-4D74-9E1E-A7C52F774E5E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A638A2F1-C8C8-44ED-A56B-E01ABE6A2B90}" = dir=out | name=windows_ie_ac_001 |
"{A942B1F0-9CB5-4B04-A252-9E4446929A7D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{ABA483DA-8868-430E-B68A-60E91DD105E8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{ABDCE09C-6191-412C-86C4-CFBA059F3A84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABE44C8E-7366-4A17-9B16-4F81EFB810BF}" = protocol=6 | dir=in | app=c:\program files (x86)\the sims 4\game\bin\ts4.exe |
"{AD18C809-5DA3-474D-92FC-29A7121B0FCE}" = dir=in | name=check point vpn |
"{AE6DD547-0F13-4373-8E65-6CA5FCE904F8}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C15B299D-75E0-4DE4-B81E-CCFBCCA92D08}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C31CD712-ED7E-40FE-95D1-D9120A86CAC7}" = dir=out | name=@{microsoft.bingtravel_3.0.4.303_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C627980A-39DD-4FAE-8807-7056133EA0F6}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C79F0DAB-15C7-40D6-B7EA-5B8C82B41720}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{CDD65718-DAE4-460A-B5EC-6B2A509664C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2789A5D-FBD1-4411-B297-5A87C9B82C6C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DFB490B7-2CE9-41E8-B0DD-42D6B235D259}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{E03C1157-A578-470A-81F7-4667E3B26171}" = dir=out | name=f5 vpn |
"{E0D42F1B-2CFB-4D62-A0AE-1BEB16777417}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA24F3A0-E424-4AB4-9624-5237A3AB07E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE2E37E8-0673-4D13-A380-657736CB1AEE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EEBB7039-DDE9-429B-85DA-E51A0917B460}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F0F629EB-5144-4520-9029-4C7EBBE1F2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1051EA5-F946-4455-B3C9-F7F059A6771C}" = dir=in | name=f5 vpn |
"{F4B4CEA0-6B23-4B1D-B549-1F9BC1F8D308}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F74431A5-FF56-4B35-B31E-DCDC9B988EC8}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD1DCC56-D34A-4D5E-A93E-57449B910BD5}" = protocol=6 | dir=in | app=c:\users\lucie\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{DA6C787C-ECF2-403F-BA69-4DE09EB59D99}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FA563C5E-6B17-4BD5-B53C-211328F9BA21}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FC8714D9-1D01-4ADD-8365-E99204A3B05D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FF57C6F7-0B79-48E4-9747-3F1C5E27431B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Packard Bell Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Packard Bell Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}" = Broadcom Wireless Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-1000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-1000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Packard Bell Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Elantech" = ETDWare PS/2-X64 11.6.13.004_WHQL
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 5.11 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F659036-14C7-4622-9505-35A0DC93526A}" = System Requirements Lab
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{26A24AE4-039D-4CA4-87B4-2F03217072FF}" = Java 7 Update 72
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83218040F0}" = Java 8 Update 40
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{48EBEBBF-B9F8-4520-A3CF-89A730721917}" = The Sims™ 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6D1C3187-2820-44F9-B64F-83FD3DEE0201}" = eM Client
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}" = Nero BackItUp 12 Essentials OEM.a01
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher version 3.8
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}" = Nero BackItUp
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"1207666813_is1" = Pillars of Eternity
"Advanced Renamer_is1" = Advanced Renamer
"aTube Catcher" = aTube Catcher
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.6.1022
"Origin" = Origin
"RadioController" = Dritek Radio Controller
"Steam" = Steam
"Steam App 570" = Dota 2
"VGhlU2ltczQ=_is1" = The Sims 4
"VLC media player" = VLC media player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3. 5. 2015 4:12:40 | Computer Name = HOME | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error - 3. 5. 2015 4:33:44 | Computer Name = HOME | Source = Windows Search Service | ID = 3079
Description =
Error - 3. 5. 2015 11:19:58 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp:
0x54cb5aeb Faulting module name: mpengine.dll, version: 1.1.9700.0, time stamp:
0x51d28fcb Exception code: 0xc0000005 Fault offset: 0x00000000005615b7 Faulting process
id: 0x1614 Faulting application start time: 0x01d085b46b4e5507 Faulting application
path: C:\Program Files\Windows Defender\MsMpEng.exe Faulting module path: C:\ProgramData\Microsoft\Windows
Defender\Definition Updates\Default\mpengine.dll Report Id: db8795b3-f1a7-11e4-bf26-208984533228
Faulting
package full name: Faulting package-relative application ID:
Error - 3. 5. 2015 11:52:31 | Computer Name = HOME | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
Error - 3. 5. 2015 12:01:56 | Computer Name = HOME | Source = VSS | ID = 8194
Description =
Error - 3. 5. 2015 12:06:49 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xa98 Faulting application start time: 0x01d085bb23671a8f Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 673d4a67-f1ae-11e4-bf27-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 12:17:56 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xbb0 Faulting application start time: 0x01d085bcb169cb54 Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: f48c7894-f1af-11e4-bf28-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 12:51:03 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0x914 Faulting application start time: 0x01d085c151bf3cbb Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 95430bd6-f1b4-11e4-bf29-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 15:53:29 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0x100 Faulting application start time: 0x01d085dacd10918b Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 11272fd4-f1ce-11e4-bf2a-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 4. 5. 2015 2:52:16 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xb64 Faulting application start time: 0x01d08636d6a52132 Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 198ece62-f22a-11e4-bf2b-208984533228 Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 26. 4. 2015 5:46:40 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 26. 4. 2015 5:47:10 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28. 4. 2015 2:23:31 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28. 4. 2015 3:29:10 | Computer Name = HOME | Source = DCOM | ID = 10010
Description =
Error - 28. 4. 2015 3:29:10 | Computer Name = HOME | Source = DCOM | ID = 10010
Description =
Error - 29. 4. 2015 3:29:55 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 8:57:02 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 17:24:45 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 17:25:35 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 1. 5. 2015 8:32:48 | Computer Name = HOME | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.1.7. The computer with the IP address 192.168.1.2 did not
allow the name to be claimed by this computer.
< End of report >
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Lucie\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Czech Republic | Language: CSY | Date Format: d. M. yyyy
3,82 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 65,76% Memory free
4,76 Gb Paging File | 3,30 Gb Available in Paging File | 69,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 914,75 Gb Total Space | 759,98 Gb Free Space | 83,08% Space Free | Partition Type: NTFS
Computer Name: HOME | User Name: Lucie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03406091-FACC-49D3-BF53-6E7421498070}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0727A671-CA00-4577-919C-B37D5978BB4C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{13E97EFB-A977-46CC-ABF7-B6D7D4D9D57A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{20B2604B-907D-4E74-8AC0-78A93CA343A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3A275F36-A8BC-442D-8A3B-03D5329D0A5E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6B624C0B-A24B-4CA0-974F-275950713463}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7733489A-F906-435F-92DA-DADCE026008A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{89EE5AA1-4776-4088-8A4F-2D7F752625B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9BDAB344-4911-4681-A636-AA6D879383F2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AAACF5A6-BCB8-4404-95EE-7E944AFB58CD}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{B6B21554-F827-46C3-AD66-3C3C828DD154}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A50493-68AA-4EBB-B9C0-D08378F48ED7}" = protocol=6 | dir=out | app=system |
"{01998957-0A06-44FD-9605-163E9663B5BF}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{050A3050-0EF1-4EDE-ADF8-CE7B184F4BB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{08BE9349-2016-4703-A039-1BAFC1095AA1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{0A66E025-547A-4A34-BE2B-DE0C947C6C57}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{0F95F21D-D171-4CF2-914E-714B3C0BE9B1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{11F98FA8-B0E8-41F3-BADC-C3D4A4B142BB}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{15F61F15-0AC5-4397-87D2-6A0F2B80FC02}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{1D44B0ED-A5A0-442F-918D-ADD018B29F72}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1E6869EF-B23D-478E-9BE0-80D8187074E4}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{1F43D697-8FEA-4B21-A464-C277CCDEF281}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.253_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{25E2F246-C8BB-4290-8897-B43A897D1EA2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2811EB2C-CE03-4D68-A6B5-0DA05F55FFBD}" = dir=out | name=juniper networks junos pulse |
"{2CF470A8-16B7-4041-8F85-6DE6AEA686BE}" = dir=in | name=juniper networks junos pulse |
"{3AA21F33-C414-42AB-A184-E9FC45BB3ED3}" = dir=out | name=windows_ie_ac_001 |
"{3FFC97E9-3EE8-45D7-B869-C04466461FBA}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{41C0C6A3-43B6-4BD6-9F5C-C122A02E408E}" = dir=out | name=@{microsoft.zunemusic_2.6.653.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{421A39E8-BC2B-4CAB-A556-8055E46D4BE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{442F9577-C5CB-4370-94B7-F13E10E048EF}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{467196D0-A5CA-42F7-9B30-78B8C6AA84F3}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{4B52A3D0-D37F-4082-B4B0-39E8B4F1F1F4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{4E6AF33A-5604-4A73-8EFD-D92D43692224}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{4ECEE6A7-F69E-4AB4-BD52-38BFA9E6A45F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5132F4E3-2213-4BE4-89C6-F46EB58BE9AE}" = dir=in | app=c:\program files (x86)\nero\nero 12\nero backitup\backitup.exe |
"{521D709D-EA9E-475D-A56B-35648B741DF5}" = protocol=17 | dir=in | app=c:\program files (x86)\the sims 4\game\bin\ts4.exe |
"{544F5667-37D7-40A7-9F21-67304DF50466}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{57C2B022-52F8-4854-ABD5-FA752930A2E8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{5B4FCDA3-61A4-45CF-9236-C4937FC4226B}" = dir=out | name=sonicwall mobile connect |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{5F7E3B57-5892-4F9E-9763-E7F0ECC1E19A}" = dir=in | name=sonicwall mobile connect |
"{61940156-5F89-4C1D-8641-E81FB3DB2FDA}" = dir=out | name=check point vpn |
"{63A17499-2F9C-4081-A7DF-1D47D1461D3B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C601068-72AA-4E97-84DE-C437671556EB}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{70530A9D-5FD1-4ACE-8DF2-AC84BF3F3CDF}" = protocol=17 | dir=in | app=c:\users\lucie\appdata\roaming\utorrent\utorrent.exe |
"{72D89600-8233-40FC-AED2-57C77522F9DD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{763A28CE-7625-47C6-A25F-A66607CF1755}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{7A788AE9-17BF-44F6-9988-7B93A40B6577}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84E2C78A-D2DA-4E85-8F3B-E76D47E67BBE}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{8C5E4A6C-D432-43E9-AB23-21AA3079375B}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{908F3472-9983-407A-AFC2-39A71B5EEE26}" = dir=out | name=@{microsoft.bingweather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{9B1DA09F-3BE5-4A56-B109-096725CFF3E4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9B8EB2CD-2173-4B4A-970D-FA16DCFFF6A4}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{9E13DE1E-3C7A-40AE-A395-890AE34B96CD}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A51A7C33-3A77-4D74-9E1E-A7C52F774E5E}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{A638A2F1-C8C8-44ED-A56B-E01ABE6A2B90}" = dir=out | name=windows_ie_ac_001 |
"{A942B1F0-9CB5-4B04-A252-9E4446929A7D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{ABA483DA-8868-430E-B68A-60E91DD105E8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{ABDCE09C-6191-412C-86C4-CFBA059F3A84}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABE44C8E-7366-4A17-9B16-4F81EFB810BF}" = protocol=6 | dir=in | app=c:\program files (x86)\the sims 4\game\bin\ts4.exe |
"{AD18C809-5DA3-474D-92FC-29A7121B0FCE}" = dir=in | name=check point vpn |
"{AE6DD547-0F13-4373-8E65-6CA5FCE904F8}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{C15B299D-75E0-4DE4-B81E-CCFBCCA92D08}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C31CD712-ED7E-40FE-95D1-D9120A86CAC7}" = dir=out | name=@{microsoft.bingtravel_3.0.4.303_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{C627980A-39DD-4FAE-8807-7056133EA0F6}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{C79F0DAB-15C7-40D6-B7EA-5B8C82B41720}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{CDD65718-DAE4-460A-B5EC-6B2A509664C3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D2789A5D-FBD1-4411-B297-5A87C9B82C6C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DFB490B7-2CE9-41E8-B0DD-42D6B235D259}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{E03C1157-A578-470A-81F7-4667E3B26171}" = dir=out | name=f5 vpn |
"{E0D42F1B-2CFB-4D62-A0AE-1BEB16777417}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EA24F3A0-E424-4AB4-9624-5237A3AB07E3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE2E37E8-0673-4D13-A380-657736CB1AEE}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{EEBB7039-DDE9-429B-85DA-E51A0917B460}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F0F629EB-5144-4520-9029-4C7EBBE1F2CF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{F1051EA5-F946-4455-B3C9-F7F059A6771C}" = dir=in | name=f5 vpn |
"{F4B4CEA0-6B23-4B1D-B549-1F9BC1F8D308}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{F5DC9F08-CBD5-4C39-B5B9-5AEEECFCA023}" = dir=out | name=windows_ie_ac_001 |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F74431A5-FF56-4B35-B31E-DCDC9B988EC8}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD1DCC56-D34A-4D5E-A93E-57449B910BD5}" = protocol=6 | dir=in | app=c:\users\lucie\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{DA6C787C-ECF2-403F-BA69-4DE09EB59D99}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{FA563C5E-6B17-4BD5-B53C-211328F9BA21}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FC8714D9-1D01-4ADD-8365-E99204A3B05D}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{FF57C6F7-0B79-48E4-9747-3F1C5E27431B}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Packard Bell Recovery Management
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Packard Bell Device Fast-lane
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}" = Broadcom Wireless Utility
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0405-1000-0000000FF1CE}" = Microsoft Access MUI (Czech) 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0405-1000-0000000FF1CE}" = Microsoft Excel MUI (Czech) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0017-0405-1000-0000000FF1CE}" = Microsoft SharePoint Designer MUI (Czech) 2013
"{90150000-0018-0405-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (Czech) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0405-1000-0000000FF1CE}" = Microsoft Publisher MUI (Czech) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0405-1000-0000000FF1CE}" = Microsoft Outlook MUI (Czech) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0405-1000-0000000FF1CE}" = Microsoft Word MUI (Czech) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0405-1000-0000000FF1CE}" = Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office - Français
"{90150000-001F-041B-1000-0000000FF1CE}" = Nástroje korektúry balíka Microsoft Office 2013 - slovenčina
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Español
"{90150000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2013
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0405-1000-0000000FF1CE}" = Microsoft InfoPath MUI (Czech) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0405-1000-0000000FF1CE}" = Microsoft DCF MUI (Czech) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0405-1000-0000000FF1CE}" = Microsoft OneNote MUI (Czech) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0405-1000-0000000FF1CE}" = Microsoft Groove MUI (Czech) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0405-1000-0000000FF1CE}" = Microsoft Office OSM MUI (Czech) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0405-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (Czech) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0100-0405-1000-0000000FF1CE}" = Microsoft Office O MUI (Czech) 2013
"{90150000-0101-0405-1000-0000000FF1CE}" = Microsoft X MUI (Czech) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0405-1000-0000000FF1CE}" = Microsoft Lync MUI (Czech) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Packard Bell Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"Elantech" = ETDWare PS/2-X64 11.6.13.004_WHQL
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office15.OMUI.cs-cz" = Microsoft Office Language Pack 2013 - Czech/čeština
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"WinRAR archiver" = WinRAR 5.11 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0708FF30-78C0-47B0-81F0-C84604DC769C}" = Nero Express Help (CHM)
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B311221-05A5-4766-8D03-7A6446794156}" = Nero RescueAgent Help (CHM)
"{0E4630AF-0AB7-440E-A978-1A78FC4F43B9}" = Nero Launcher
"{0F659036-14C7-4622-9505-35A0DC93526A}" = System Requirements Lab
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{26A24AE4-039D-4CA4-87B4-2F03217072FF}" = Java 7 Update 72
"{26A24AE4-039D-4CA4-87B4-2F83218031F0}" = Java 8 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83218040F0}" = Java 8 Update 40
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{3AAB08A3-F129-4BD5-B409-AE674F93759D}" = Prerequisite installer
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{48EBEBBF-B9F8-4520-A3CF-89A730721917}" = The Sims™ 4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6D1C3187-2820-44F9-B64F-83FD3DEE0201}" = eM Client
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{7f51bdb9-ee21-49ee-94d6-90afc321780e}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
"{7FB64E72-9B0E-4460-A821-040C341E414A}" = ASUS Ai Charger
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{848A7C68-0ADC-4193-8A89-2CEA78E56A0C}" = Nero Express
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BF0D9FE-9893-4647-81B9-17B7BEA4E6FD}" = Nero 12 Essentials OEM.a01
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A2D43081-CF7B-4637-A9F3-E2651AA5C4A8}" = Nero RescueAgent
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.10)
"{B2B0EC73-AD4A-4716-A3DE-CEA8440B309B}" = Nero BackItUp 12 Essentials OEM.a01
"{B455E95A-B804-439F-B533-336B1635AE97}" = NVIDIA PhysX
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{ce085a78-074e-4823-8dc1-8a721b94b76d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher version 3.8
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E70B2F2C-94D1-4287-B5B0-CBBE618E2652}" = Nero BackItUp
"{EF0D1292-8FC1-41BE-9740-DBC134F66415}" = Nero BackItUp Help (CHM)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"1207666813_is1" = Pillars of Eternity
"Advanced Renamer_is1" = Advanced Renamer
"aTube Catcher" = aTube Catcher
"DAEMON Tools Lite" = DAEMON Tools Lite
"DivX Setup" = DivX Setup
"Google Chrome" = Google Chrome
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"LManager" = Launch Manager
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.1.6.1022
"Origin" = Origin
"RadioController" = Dritek Radio Controller
"Steam" = Steam
"Steam App 570" = Dota 2
"VGhlU2ltczQ=_is1" = The Sims 4
"VLC media player" = VLC media player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 3. 5. 2015 4:12:40 | Computer Name = HOME | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "c:\program files (x86)\ESET\eset
online scanner\ESETSmartInstaller.exe".Error in manifest or policy file "" on line
. A component version required by the application conflicts with another component
version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component
2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
Error - 3. 5. 2015 4:33:44 | Computer Name = HOME | Source = Windows Search Service | ID = 3079
Description =
Error - 3. 5. 2015 11:19:58 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp:
0x54cb5aeb Faulting module name: mpengine.dll, version: 1.1.9700.0, time stamp:
0x51d28fcb Exception code: 0xc0000005 Fault offset: 0x00000000005615b7 Faulting process
id: 0x1614 Faulting application start time: 0x01d085b46b4e5507 Faulting application
path: C:\Program Files\Windows Defender\MsMpEng.exe Faulting module path: C:\ProgramData\Microsoft\Windows
Defender\Definition Updates\Default\mpengine.dll Report Id: db8795b3-f1a7-11e4-bf26-208984533228
Faulting
package full name: Faulting package-relative application ID:
Error - 3. 5. 2015 11:52:31 | Computer Name = HOME | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database
Error - 3. 5. 2015 12:01:56 | Computer Name = HOME | Source = VSS | ID = 8194
Description =
Error - 3. 5. 2015 12:06:49 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xa98 Faulting application start time: 0x01d085bb23671a8f Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 673d4a67-f1ae-11e4-bf27-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 12:17:56 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xbb0 Faulting application start time: 0x01d085bcb169cb54 Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: f48c7894-f1af-11e4-bf28-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 12:51:03 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0x914 Faulting application start time: 0x01d085c151bf3cbb Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 95430bd6-f1b4-11e4-bf29-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 3. 5. 2015 15:53:29 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0x100 Faulting application start time: 0x01d085dacd10918b Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 11272fd4-f1ce-11e4-bf2a-208984533228 Faulting package full name: Faulting package-relative
application ID:
Error - 4. 5. 2015 2:52:16 | Computer Name = HOME | Source = Application Error | ID = 1000
Description = Faulting application name: Explorer.EXE, version: 6.3.9600.17667,
time stamp: 0x54c6f7c2 Faulting module name: twinui.dll, version: 6.3.9600.17415,
time stamp: 0x54503c45 Exception code: 0x80270249 Fault offset: 0x00000000002f497f
Faulting
process id: 0xb64 Faulting application start time: 0x01d08636d6a52132 Faulting application
path: C:\WINDOWS\Explorer.EXE Faulting module path: C:\WINDOWS\system32\twinui.dll
Report
Id: 198ece62-f22a-11e4-bf2b-208984533228 Faulting package full name: Faulting package-relative
application ID:
[ System Events ]
Error - 26. 4. 2015 5:46:40 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 26. 4. 2015 5:47:10 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28. 4. 2015 2:23:31 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 28. 4. 2015 3:29:10 | Computer Name = HOME | Source = DCOM | ID = 10010
Description =
Error - 28. 4. 2015 3:29:10 | Computer Name = HOME | Source = DCOM | ID = 10010
Description =
Error - 29. 4. 2015 3:29:55 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 8:57:02 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 17:24:45 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 30. 4. 2015 17:25:35 | Computer Name = HOME | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 1. 5. 2015 8:32:48 | Computer Name = HOME | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.1.7. The computer with the IP address 192.168.1.2 did not
allow the name to be claimed by this computer.
< End of report >
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
Spusť znovu OTL, do volného textového pole zadej:
A poté klikni na tlačítko Opravit. Po restartu prosím dodej log.
---------------------------------------------------------
Stáhni si Autoruns: https://download.sysinternals.com/files/Autoruns.zip
Vyextrahuj na Plochu, klikni na Autoruns.exe pravým tlačítkem a zvol možnost Spustit jako Správce. Potvrď licenci aplikace a vyčkej, až aplikace dokončí sken.
Po dokončení skenu (ukazatel vlevo dole) zmáčkni Ctrl + S a soubor ulož. Následně mi jej prosím nahraj na: http://leteckaposta.cz/
Kód: Vybrat vše
:otl
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Reg Error: Value error.
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKU\S-1-5-21-2173986437-2657695049-2134289973-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
:files
C:\*.tmp
C:\Program Files\*.tmp /s
C:\Program Files (x86)\*.tmp /s
%ProgramData%\*.vbs
%ProgramData%\*.tmp
%windir%\*.tmp /s
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\system32\DUMP*.tmp
%windir%\Tasks\*.job /s
:commands
[Emptytemp]
[Emptyjava]
[Emptyflash]
[Purity]
[Reboot]A poté klikni na tlačítko Opravit. Po restartu prosím dodej log.
---------------------------------------------------------
Stáhni si Autoruns: https://download.sysinternals.com/files/Autoruns.zip
Vyextrahuj na Plochu, klikni na Autoruns.exe pravým tlačítkem a zvol možnost Spustit jako Správce. Potvrď licenci aplikace a vyčkej, až aplikace dokončí sken.
Po dokončení skenu (ukazatel vlevo dole) zmáčkni Ctrl + S a soubor ulož. Následně mi jej prosím nahraj na: http://leteckaposta.cz/
Re: Pomalý chod notebooku
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully.
========== FILES ==========
File\Folder C:\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota\demoheader.tmp moved successfully.
File/Folder C:\ProgramData\*.vbs not found.
File/Folder C:\ProgramData\*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP578A.tmp folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File/Folder C:\WINDOWS\Tasks\*.job not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Lucie
->Temp folder emptied: 31901 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 8196 bytes
->Google Chrome cache emptied: 377559218 bytes
->Flash cache emptied: 15 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12501778 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 73761808 bytes
Total Files Cleaned = 442,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lucie
->Java cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lucie
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05042015_201549
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2173986437-2657695049-2134289973-1002\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages:livessp deleted successfully.
========== FILES ==========
File\Folder C:\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota\demoheader.tmp moved successfully.
File/Folder C:\ProgramData\*.vbs not found.
File/Folder C:\ProgramData\*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\Temp\ZAP578A.tmp folder moved successfully.
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
File/Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File/Folder C:\WINDOWS\Tasks\*.job not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default.migrated
User: Lucie
->Temp folder emptied: 31901 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 8196 bytes
->Google Chrome cache emptied: 377559218 bytes
->Flash cache emptied: 15 bytes
User: Public
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12501778 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 73761808 bytes
Total Files Cleaned = 442,00 mb
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lucie
->Java cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Java Files Cleaned = 0,00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Default.migrated
User: Lucie
->Flash cache emptied: 0 bytes
User: Public
User: UpdatusUser
Total Flash Files Cleaned = 0,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05042015_201549
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Re: Pomalý chod notebooku
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Pomalý chod notebooku
Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Stáhni si Junkware Removal Tool by Thisisu
na svojí plochu.
Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Re: Pomalý chod notebooku
Autoruns z neznámého důvodu nefunguje...
No, co problémy?
No, co problémy?
Re: Pomalý chod notebooku
RogueKiller V10.6.2.0 (x64) [May 4 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Lucie [Práva správce]
Started from : C:\Users\Lucie\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/05/2015 17:23:13
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 1e35560e19d41514056a3b164250bf3d
[BSP] 77395f9e6f8276184c32ec7d71fdac3f : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1697792 | Size: 936706 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1920071680 | Size: 450 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1920993280 | Size: 15884 MB
User = LL1 ... OK
User = LL2 ... OK
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operační systém : Windows 8.1 (6.3.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : Lucie [Práva správce]
Started from : C:\Users\Lucie\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 05/05/2015 17:23:13
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 4 ¤¤¤
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nalezeno
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nalezeno
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB +++++
--- User ---
[MBR] 1e35560e19d41514056a3b164250bf3d
[BSP] 77395f9e6f8276184c32ec7d71fdac3f : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 400 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 821248 | Size: 300 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1435648 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1697792 | Size: 936706 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 1920071680 | Size: 450 MB
5 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1920993280 | Size: 15884 MB
User = LL1 ... OK
User = LL2 ... OK
Intel Core i7-4810MQ 2.80GHz
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
8 GB RAM
AMD Radeon HD 8790M
512GB SSD
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 89 hostů