Prosím o kontrolu logu - pomalý a zasekaný Windows

[DJAdam]

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/07/31 13:32:15

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- HL-DT-ST DVDRAM GHB0N
- WDC WD5000AAKX-22ERMA0
- Microsoft Storage Spaces Controller [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-22ERMA0
Firmware : 17.01H17
Serial Number : WD-WCC2EZW14565
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5712 hod.
Power On Count : 1200 krát
Temperature : 38 C (100 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 141 140 _21 000000000F5D Čas na roztočenie platní
04 _99 _99 __0 0000000004B3 Počet spustení/zastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 200 200 __0 000000000000 Počet chybných vyhľadávaní
09 _93 _93 __0 000000001650 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _99 _99 __0 0000000004B0 Počet cyklov zapnutia zariadenia
C0 200 200 __0 00000000007F Počet vypnutí disku
C1 200 200 __0 000000000437 Počet cyklov načítania/vymazania
C2 105 _87 __0 000000000026 Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4332 455A 5731 3435 3635
020: 0000 8000 0032 3137 2E30 3148 3137 5744 4320 5744
030: 3530 3030 4141 4B58 2D32 3245 524D 4130 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0000
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 002C
090: 002C 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: B4C9 F2F0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8D 8C 5D 0F 00 00 00 00 00 04 32 00 63 63 B3
020: 04 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5D 5D 50 16 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 B0 04 00 00 00 00 00 C0 32
070: 00 C8 C8 7F 00 00 00 00 00 00 C1 32 00 C8 C8 37
080: 04 00 00 00 00 00 C2 22 00 69 57 26 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 FC 21 01 7B
170: 03 00 01 00 02 58 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9F

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D

[Reklama]

[jaro3]

000000000F5D Čas na roztočenie platní
ještě jednou CDI.

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[DJAdam]

----------------------------------------------------------------------------
CrystalDiskInfo 6.7.0 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2016/07/31 17:52:44

-- Controller Map ----------------------------------------------------------
+ Intel(R) 8 Series/C220 Series SATA AHCI Controller - 8C02 [ATA]
- HL-DT-ST DVDRAM GHB0N
- WDC WD5000AAKX-22ERMA0
- Microsoft Storage Spaces Controller [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0 : 500,1 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD5000AAKX-22ERMA0
----------------------------------------------------------------------------
Model : WDC WD5000AAKX-22ERMA0
Firmware : 17.01H17
Serial Number : WD-WCC2EZW14565
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : 16384 KB
Queue Depth : 32 # of Sectors : 976773168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ----
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5716 hod.
Power On Count : 1200 krát
Temperature : 36 C (96 F)
Health Status : Dobrý
Features : S.M.A.R.T., 48bit LBA, NCQ
APM Level : ----
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chybných čítaní
03 141 140 _21 000000000F5D Čas na roztočenie platní
04 _99 _99 __0 0000000004B3 Počet spustení/zastavení
05 200 200 140 000000000000 Počet premapovaných sektorov
07 200 200 __0 000000000000 Počet chybných vyhľadávaní
09 _93 _93 __0 000000001654 Počet odpracovaných hodín
0A 100 100 __0 000000000000 Počet opakovaných pokusov o roztočenie platní
0B 100 100 __0 000000000000 Počet pokusov o prekalibrovanie
0C _99 _99 __0 0000000004B0 Počet cyklov zapnutia zariadenia
C0 200 200 __0 00000000007F Počet vypnutí disku
C1 200 200 __0 000000000437 Počet cyklov načítania/vymazania
C2 107 _87 __0 000000000024 Teplota
C4 200 200 __0 000000000000 Počet udalostí s cieľom realokovania sektorov
C5 200 200 __0 000000000000 Počet podozrivých sektorov
C6 200 200 __0 000000000000 Počet neopraviteľných sektorov
C7 200 200 __0 000000000000 Počet chýb v kontrolnom súčte UltraDMA
C8 200 200 __0 000000000000 Počet chýb pri zápise sektorov

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4332 455A 5731 3435 3635
020: 0000 8000 0032 3137 2E30 3148 3137 5744 4320 5744
030: 3530 3030 4141 4B58 2D32 3245 524D 4130 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0000
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 002C
090: 002C 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5001 4EE2
110: B4C9 F2F0 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16FE 0179 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 D0A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 8D 8C 5D 0F 00 00 00 00 00 04 32 00 63 63 B3
020: 04 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5D 5D 54 16 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 B0 04 00 00 00 00 00 C0 32
070: 00 C8 C8 7F 00 00 00 00 00 00 C1 32 00 C8 C8 37
080: 04 00 00 00 00 00 C2 22 00 6B 57 24 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 FC 21 01 7B
170: 03 00 01 00 02 58 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 02 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 9B

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 00 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0D

[DJAdam]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2016
Ran by Hanus (administrator) on HANUS-PC (31-07-2016 17:55:25)
Running from C:\Users\Hanus\Desktop
Loaded Profiles: Hanus (Available Profiles: Hanus)
Platform: Windows 8.1 (Update) (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-11] (AVAST Software)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-17] (Spotify Ltd)
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f102-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f10b-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-06-30] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{45EBB24D-83FA-43A8-B741-2F2DCFC276C4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4DDE0E17-7512-4773-AE02-D9007D1B58DA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-06-30] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-30] (AVAST Software)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-12] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-07-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-30]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-06-30]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentácie Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-31]
CHR Extension: (Dokumenty Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-31]
CHR Extension: (Disk Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-31]
CHR Extension: (YouTube) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-31]
CHR Extension: (Avast SafePrice) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-07-31]
CHR Extension: (Tabuľky Google) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-31]
CHR Extension: (Avast Online Security) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-31]
CHR Extension: (Gmail) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-31]
CHR Extension: (Chrome Media Router) - C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-31]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-06-30] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1863688 2016-05-18] ()
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1443520 2016-04-04] (Disc Soft Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [244800 2016-07-07] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6211648 2016-06-11] (GOG.com)
S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-06-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-06-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-06-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-06-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-06-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-06-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-06-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-06-30] (AVAST Software)
S4 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-04-20] (Disc Soft Ltd)
S4 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-04-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NVFLASH; C:\WINDOWS\system32\drivers\nvflash.sys [15648 2014-01-06] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-07-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R2 RtkIOAC60; C:\Windows\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek semiconductor corp)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-07-30] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S4 WinRing0_1_2_0; \??\D:\CAM_Client_V3.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-31 17:55 - 2016-07-31 17:55 - 00013952 _____ C:\Users\Hanus\Desktop\FRST.txt
2016-07-31 17:55 - 2016-07-31 17:55 - 00000000 ____D C:\FRST
2016-07-31 17:54 - 2016-07-31 17:54 - 02394112 _____ (Farbar) C:\Users\Hanus\Desktop\FRST64.exe
2016-07-31 13:23 - 2016-07-31 13:10 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2016-07-31 13:08 - 2016-07-31 13:09 - 01309184 _____ C:\Users\Hanus\Desktop\zoek.exe
2016-07-30 16:06 - 2016-07-30 16:09 - 25355848 _____ C:\Users\Hanus\Desktop\RogueKillerX64.exe
2016-07-30 16:00 - 2016-07-30 16:00 - 00000825 _____ C:\Users\Hanus\Desktop\JRT.txt
2016-07-30 15:57 - 2016-07-30 15:57 - 01610560 _____ (Malwarebytes) C:\Users\Hanus\Desktop\JRT.exe
2016-07-29 15:02 - 2016-07-29 15:02 - 00448512 _____ (OldTimer Tools) C:\Users\Hanus\Downloads\TFC.exe
2016-07-29 14:39 - 2016-07-29 14:39 - 00002319 _____ C:\Users\Hanus\Desktop\AdwCleaner[C2].txt
2016-07-29 14:29 - 2016-07-29 14:29 - 03712064 _____ C:\Users\Hanus\Desktop\adwcleaner_5.201.exe
2016-07-27 13:15 - 2016-07-27 13:15 - 00000000 ____D C:\Users\Hanus\AppData\Local\Rockstar Games
2016-07-27 13:13 - 2016-07-27 15:37 - 00000000 ____D C:\Program Files\Rockstar Games
2016-07-27 13:13 - 2016-07-27 15:37 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-07-27 13:07 - 2016-07-27 13:07 - 00000686 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2016-07-27 13:07 - 2016-07-27 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-07-26 16:39 - 2016-07-26 16:39 - 00388608 _____ (Trend Micro Inc.) C:\Users\Hanus\Desktop\HijackThis.exe
2016-07-26 13:03 - 2013-07-02 16:29 - 00024824 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\IOMap64.sys
2016-07-26 11:36 - 2016-07-26 11:36 - 00001402 _____ C:\Users\Hanus\Desktop\The Witcher 3 Wild Hunt.lnk
2016-07-26 11:35 - 2016-07-26 11:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games
2016-07-26 10:43 - 2016-07-26 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wiedźmin 3® - Dziki Gon [GOG.com]
2016-07-26 09:29 - 2016-07-26 09:29 - 00041472 _____ C:\Users\Hanus\Downloads\launcher64.dll
2016-07-26 09:29 - 2016-07-26 09:29 - 00022200 _____ (Phoenix Technologies) C:\WINDOWS\SysWOW64\Drivers\DrvAgent64.SYS
2016-07-26 09:28 - 2016-07-26 09:28 - 00000889 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2016-07-26 09:25 - 2016-07-26 09:26 - 01664456 _____ ( ) C:\Users\Hanus\Downloads\cpu-z_1.76-en.exe
2016-07-25 12:23 - 2016-07-25 12:23 - 00001150 _____ C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EE2X Empire Earth 2 The Art of Supremacy ver. 1.5.lnk
2016-07-25 11:26 - 2016-07-25 11:26 - 00002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\~eW`~FORUM Empire Earth II.lnk
2016-07-25 11:26 - 2016-07-25 11:26 - 00002016 _____ C:\Users\Public\Desktop\Empire Earth II ver. 1.5.lnk
2016-07-25 11:26 - 2016-07-25 11:26 - 00001313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unofficial Patch 1.5 - Help & Support - Empire Earth II.lnk
2016-07-25 11:26 - 2016-07-25 11:26 - 00001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Empire Earth II ver. 1.5.lnk
2016-07-25 11:26 - 2016-07-25 11:26 - 00001127 _____ C:\Users\Public\Desktop\Empire Earth II The Art of Supremacy ver. 1.5.lnk
2016-07-25 11:24 - 2016-07-25 11:28 - 00000000 ____D C:\Users\Hanus\Documents\Empire Earth II The Art of Supremacy
2016-07-25 11:11 - 2016-07-25 11:14 - 18052073 _____ C:\Users\Hanus\Downloads\czech_0001.zip
2016-07-23 12:59 - 2016-07-25 11:26 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Sierra
2016-07-23 12:43 - 2016-07-23 12:56 - 184654450 _____ (Dr Mona Lisa) C:\Users\Hanus\Downloads\ee2_update_100-140_155.exe
2016-07-23 12:38 - 2016-07-25 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2016-07-23 12:38 - 2016-07-23 12:38 - 00000000 ____D C:\Program Files (x86)\Sierra
2016-07-22 19:40 - 2016-07-22 19:45 - 53549822 _____ C:\Users\Hanus\Downloads\css_full_pack_for_cs_16.zip
2016-07-18 12:26 - 2016-07-18 12:26 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-18 12:26 - 2016-07-11 04:13 - 01887800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvCamera64.dll
2016-07-18 12:26 - 2016-07-11 04:13 - 01595840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvCamera32.dll
2016-07-18 12:26 - 2016-07-11 00:36 - 00127424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-07-18 12:26 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-07-18 12:26 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-07-18 12:26 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-07-18 12:26 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-07-18 12:22 - 2016-07-12 14:21 - 00214592 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2016-07-18 12:22 - 2016-07-12 14:21 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 31640512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 25414080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 16790552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 13581880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-07-18 12:22 - 2016-07-11 04:13 - 10691632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 10656112 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 10234336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 09020656 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 08742360 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 08615336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 03542072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 03099072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 01939000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436881.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436881.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 01001016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00930360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00909880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00893944 _____ C:\WINDOWS\system32\nvmcumd.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00852024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00694672 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00583736 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00544120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00490744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00459320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00444472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00406064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00394808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00177952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00155768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00153416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00131584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00124352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcaparm.dll
2016-07-18 12:22 - 2016-07-11 04:13 - 00047672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvadarm.sys
2016-07-14 09:17 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-07-14 09:17 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-07-14 09:17 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-14 09:17 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-14 09:16 - 2016-06-11 20:14 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-14 09:16 - 2016-06-11 20:11 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-14 09:16 - 2016-06-11 19:56 - 25812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-14 09:16 - 2016-06-11 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-07-14 09:16 - 2016-06-11 19:42 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-14 09:16 - 2016-06-11 19:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-07-14 09:16 - 2016-06-11 19:22 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-14 09:16 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-07-14 09:16 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-07-14 09:16 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-14 09:16 - 2016-06-11 19:13 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-14 09:16 - 2016-06-11 19:12 - 20348928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-14 09:16 - 2016-06-11 19:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-07-14 09:16 - 2016-06-11 19:07 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-07-14 09:16 - 2016-06-11 19:03 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-14 09:16 - 2016-06-11 19:01 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-07-14 09:16 - 2016-06-11 19:00 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-14 09:16 - 2016-06-11 19:00 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-07-14 09:16 - 2016-06-11 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-14 09:16 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-07-14 09:16 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-14 09:16 - 2016-06-11 18:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-07-14 09:16 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-14 09:16 - 2016-06-11 18:31 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-14 09:16 - 2016-06-11 18:31 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-14 09:16 - 2016-06-11 18:31 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-07-14 09:16 - 2016-06-11 18:30 - 15409664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-14 09:16 - 2016-06-11 18:29 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-14 09:16 - 2016-06-11 18:26 - 02869248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-14 09:16 - 2016-06-11 18:15 - 13806080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-14 09:16 - 2016-06-11 18:12 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-14 09:16 - 2016-06-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-14 09:16 - 2016-06-11 17:59 - 02392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-14 09:16 - 2016-06-11 17:56 - 01315840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-14 09:16 - 2016-06-11 17:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-14 09:14 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-14 09:14 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-14 09:14 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-14 09:14 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-07-14 09:14 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-14 09:14 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-07-14 09:14 - 2016-05-18 23:33 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-14 09:14 - 2016-05-18 22:59 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-14 09:14 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-07-14 09:14 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-14 09:14 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-14 09:14 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-14 09:14 - 2016-05-14 01:08 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-07-14 09:14 - 2016-05-14 01:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-07-14 09:14 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-14 09:14 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-14 09:14 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-07-14 09:14 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-07-14 09:14 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-07-14 09:14 - 2016-05-11 04:24 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-07-14 09:14 - 2016-05-11 04:24 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-07-14 09:14 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-07-14 09:14 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-07-14 09:14 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-14 09:14 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-14 09:14 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-07-14 09:14 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-07-14 09:14 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-14 09:13 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-07-14 09:13 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-07-14 09:13 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-07-14 09:13 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-14 09:13 - 2016-05-14 01:08 - 00032512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-07-14 09:13 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-07-14 09:13 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-07-14 09:13 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-07-14 09:13 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-07-14 09:13 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-07-14 09:13 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-07-14 09:13 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-07-14 09:13 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-07-14 09:13 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-07-14 09:13 - 2016-05-12 19:37 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc63.sys
2016-07-14 09:13 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-07-14 09:13 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-07-14 09:13 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-14 09:13 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-14 09:13 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-14 09:12 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-14 09:12 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-14 09:12 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-14 09:12 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-14 09:11 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-14 09:11 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-14 09:11 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-14 09:11 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-14 09:11 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-14 09:11 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-07-14 09:11 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-07-14 09:11 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-07-14 09:11 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-07-14 09:11 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-14 09:11 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-07-14 09:11 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-07-14 09:11 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-07-14 09:10 - 2016-06-10 23:35 - 04167680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-07-12 15:21 - 2016-07-31 17:21 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-11 16:16 - 2016-07-11 14:48 - 00003760 _____ C:\Users\Hanus\Desktop\user.settings
2016-07-09 11:42 - 2016-07-12 14:21 - 01579976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2016-07-09 11:42 - 2016-06-30 00:44 - 01922616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436869.dll
2016-07-09 11:42 - 2016-06-30 00:44 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436869.dll
2016-07-07 09:49 - 2016-07-07 09:49 - 01302283 _____ C:\Users\Hanus\Downloads\Autoruns.zip
2016-07-07 08:54 - 2016-07-07 08:59 - 00000000 ___HD C:\$WINDOWS.~BT
2016-07-06 14:56 - 2016-07-07 09:31 - 00001890 _____ C:\WINDOWS\diagwrn.xml
2016-07-06 14:56 - 2016-07-07 09:31 - 00001890 _____ C:\WINDOWS\diagerr.xml
2016-07-06 10:33 - 2016-07-06 10:33 - 00000000 ___HD C:\$Windows.~WS
2016-07-06 10:26 - 2016-07-06 10:28 - 18447464 _____ (Microsoft Corporation) C:\Users\Hanus\Downloads\MediaCreationTool.exe
2016-07-05 19:03 - 2016-07-05 19:03 - 00000625 _____ C:\Users\Hanus\Desktop\World of Warships.lnk
2016-07-05 19:03 - 2016-07-05 19:03 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Warships
2016-07-05 09:45 - 2016-07-05 09:45 - 00642632 _____ (EFD Software ) C:\Users\Hanus\Downloads\hdtune_255.exe
2016-07-05 09:45 - 2016-07-05 09:45 - 00000902 _____ C:\Users\Hanus\Desktop\HD Tune.lnk
2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-07-05 09:45 - 2016-07-05 09:45 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-07-02 16:36 - 2016-07-02 16:36 - 00000549 _____ C:\WINDOWS\SysWOW64\CAM.lnk
2016-07-02 15:54 - 2016-07-02 15:54 - 00000053 _____ C:\Users\Hanus\camguest.id
2016-07-02 15:53 - 2016-07-07 09:53 - 00003148 _____ C:\WINDOWS\System32\Tasks\CAM
2016-07-02 15:53 - 2016-07-02 15:53 - 00000000 ____D C:\Users\Hanus\AppData\Local\IsolatedStorage
2016-07-02 15:49 - 2016-07-02 15:51 - 32195088 _____ (NZXT) C:\Users\Hanus\Downloads\CAM_Installer V3.1.2.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-31 17:53 - 2016-06-20 19:31 - 00000000 ____D C:\Users\Hanus\AppData\Local\CrashDumps
2016-07-31 14:49 - 2015-08-03 00:41 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{1F85D8D3-BFBD-487A-96B3-E6C2E0978322}
2016-07-31 13:26 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-31 13:26 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-31 13:25 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-30 20:38 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-30 16:22 - 2015-09-09 14:21 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-07-29 14:42 - 2015-09-08 14:25 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-29 14:34 - 2016-06-12 12:04 - 00000000 ____D C:\AdwCleaner
2016-07-28 07:57 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-07-27 18:10 - 2015-08-27 12:57 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Skype
2016-07-27 18:01 - 2016-06-14 13:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 18:01 - 2015-08-27 12:57 - 00000000 ____D C:\ProgramData\Skype
2016-07-27 17:26 - 2015-08-03 00:41 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3812361727-838257335-1277264128-1001
2016-07-27 15:39 - 2015-09-29 14:27 - 00000000 ___RD C:\Users\Hanus\Desktop\Hry
2016-07-27 13:13 - 2015-09-13 18:25 - 00000000 ____D C:\Users\Hanus\Documents\Rockstar Games
2016-07-27 11:18 - 2014-06-17 15:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-27 11:15 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-27 11:13 - 2016-03-10 15:16 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-27 11:13 - 2016-03-10 15:16 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-27 11:13 - 2015-08-02 17:35 - 01509688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-27 11:13 - 2015-08-02 17:34 - 00725672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-07-27 11:13 - 2015-08-02 17:34 - 00488064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-07-27 11:13 - 2015-08-02 17:33 - 00447256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-27 11:13 - 2015-08-02 17:33 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-07-27 11:13 - 2015-08-02 17:32 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unregmp2.exe
2016-07-27 11:13 - 2015-08-02 17:32 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-07-27 11:13 - 2015-08-02 17:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-07-27 11:13 - 2015-08-02 17:32 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-07-27 11:13 - 2015-08-02 17:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\unregmp2.exe
2016-07-27 11:13 - 2015-08-02 17:31 - 00150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2016-07-27 11:13 - 2015-08-02 17:30 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-07-27 11:13 - 2015-08-02 17:30 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-07-27 11:13 - 2015-08-02 17:29 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-07-27 11:13 - 2015-08-02 17:29 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-07-27 11:13 - 2015-08-02 17:29 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-07-27 11:13 - 2015-08-02 17:29 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-07-27 11:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-27 11:13 - 2013-08-22 13:43 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-07-27 11:13 - 2013-08-22 08:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.tlb
2016-07-27 11:13 - 2013-08-22 08:54 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\amcompat.tlb
2016-07-27 11:13 - 2013-08-22 06:14 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-07-27 11:13 - 2013-08-22 01:49 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.tlb
2016-07-27 11:13 - 2013-08-22 01:49 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amcompat.tlb
2016-07-27 10:54 - 2015-08-02 20:29 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-07-26 17:32 - 2015-12-17 16:49 - 00000000 ____D C:\Users\Hanus\Documents\The Witcher 3
2016-07-26 16:27 - 2016-05-18 16:46 - 00000000 ____D C:\Users\Hanus\AppData\Local\ArmA 2 OA
2016-07-26 11:35 - 2015-08-08 15:07 - 00521216 ___SH C:\Users\Hanus\Desktop\Thumbs.db
2016-07-26 10:01 - 2015-11-05 15:03 - 00008192 _____ C:\WINDOWS\system32\edb.chk
2016-07-26 09:28 - 2015-09-09 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-07-26 09:28 - 2015-09-09 15:04 - 00000000 ____D C:\Program Files\CPUID
2016-07-25 20:11 - 2015-08-03 00:35 - 00000000 ____D C:\Users\Hanus
2016-07-22 19:57 - 2015-08-21 16:07 - 00000000 ____D C:\KMPlayer
2016-07-19 18:14 - 2015-09-05 18:21 - 00000000 ____D C:\Users\Hanus\AppData\Roaming\Spotify
2016-07-19 18:11 - 2015-08-21 14:52 - 00062976 ___SH C:\Users\Hanus\Downloads\Thumbs.db
2016-07-19 10:38 - 2016-04-14 13:52 - 00002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-07-18 15:20 - 2014-03-06 08:43 - 00765714 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-18 12:26 - 2016-02-04 15:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-07-18 12:26 - 2014-06-17 15:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-18 12:26 - 2014-06-17 15:16 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-18 12:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-14 09:32 - 2013-08-22 16:44 - 00473848 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-14 09:29 - 2015-08-03 15:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-14 09:29 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-14 09:22 - 2015-08-03 13:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-14 09:19 - 2015-08-03 13:04 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-14 09:17 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 09:04 - 2016-04-17 12:16 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-12 15:21 - 2016-05-13 12:21 - 06079168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 15:21 - 2015-09-06 13:01 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-07-12 15:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-07-12 15:21 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-07-11 04:13 - 2016-06-10 17:53 - 17321352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-07-11 04:13 - 2016-06-01 15:55 - 14371384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-07-11 04:13 - 2016-06-01 15:55 - 03393576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-07-11 04:13 - 2016-02-04 15:56 - 03840096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-07-11 04:13 - 2015-12-15 17:36 - 19220352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-07-11 04:13 - 2015-12-15 17:36 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcvadgenco64.dll
2016-07-11 04:13 - 2015-12-15 17:36 - 00039124 _____ C:\WINDOWS\system32\nvinfo.pb
2016-07-11 01:17 - 2016-02-04 15:58 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-07-11 01:17 - 2016-02-04 15:58 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-07-11 01:17 - 2016-02-04 15:26 - 06384064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-07-11 01:17 - 2016-02-04 15:26 - 02465848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-07-11 01:17 - 2016-02-04 15:26 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-07-11 01:17 - 2016-02-04 15:26 - 01364536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-07-11 01:17 - 2016-02-04 15:26 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-07-11 01:17 - 2016-02-04 15:26 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-07-07 19:03 - 2016-02-04 15:26 - 07211925 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-07-07 13:21 - 2015-12-17 16:17 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-07-07 13:16 - 2015-08-03 00:44 - 00000000 ____D C:\Users\Hanus\AppData\Local\Google
2016-07-07 13:16 - 2015-08-03 00:43 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-07 11:58 - 2016-03-21 17:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Games
2016-07-07 10:06 - 2016-06-19 08:20 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
2016-07-07 10:06 - 2016-06-19 08:20 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-07 09:53 - 2016-06-19 08:20 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59
2016-07-07 09:53 - 2016-06-19 08:20 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-07 09:53 - 2014-06-17 15:32 - 00003270 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2016-07-07 08:54 - 2014-03-06 08:36 - 00000000 ____D C:\WINDOWS\Panther
2016-07-05 12:55 - 2016-01-03 15:06 - 00007602 _____ C:\Users\Hanus\AppData\Local\resmon.resmoncfg
2016-07-05 12:05 - 2015-10-24 11:56 - 00000000 ___RD C:\Users\Hanus\Disk Google
2016-07-04 12:53 - 2015-08-21 14:30 - 00001077 _____ C:\Users\Hanus\Desktop\Dxtory.lnk
2016-07-03 14:21 - 2016-01-24 20:39 - 00000000 ____D C:\Users\Hanus\Documents\Mount&Blade Warband Savegames
2016-07-02 06:29 - 2016-03-30 13:50 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:29 - 2016-03-30 13:50 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-01 13:46 - 2016-04-17 12:25 - 00003924 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1460888704
2016-07-01 13:46 - 2016-04-17 12:25 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk

==================== Files in the root of some directories =======

2014-08-04 15:46 - 2016-04-30 18:58 - 0161399 _____ () C:\Program Files\changelog.txt
2013-11-13 14:36 - 2016-04-30 18:58 - 0375336 _____ () C:\Program Files\createfileassoc.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 0447256 _____ (TeamSpeak Systems GmbH) C:\Program Files\error_report.exe
2014-06-05 15:48 - 2016-04-30 18:58 - 2084352 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\libeay32.dll
2016-04-30 18:58 - 2016-04-30 18:58 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll
2016-04-30 18:58 - 2016-04-30 18:58 - 0963232 _____ (Microsoft Corporation) C:\Program Files\msvcr120.dll
2014-05-19 13:15 - 2016-04-30 18:58 - 1704176 _____ (Overwolf) C:\Program Files\OverwolfTeamSpeakInstaller.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 0474904 _____ (TeamSpeak Systems GmbH) C:\Program Files\package_inst.exe
2014-08-04 10:29 - 2016-04-30 18:58 - 0000313 _____ () C:\Program Files\plugin_sdk.html
2014-02-27 16:47 - 2016-04-30 18:58 - 5629952 _____ (The Qt Company Ltd) C:\Program Files\Qt5Core.dll
2014-02-27 16:48 - 2016-04-30 18:58 - 3935744 _____ (The Qt Company Ltd) C:\Program Files\Qt5Gui.dll
2014-02-27 16:47 - 2016-04-30 18:58 - 1094656 _____ (The Qt Company Ltd) C:\Program Files\Qt5Network.dll
2014-02-27 16:47 - 2016-04-30 18:58 - 0216576 _____ (The Qt Company Ltd) C:\Program Files\Qt5Sql.dll
2014-02-27 16:50 - 2016-04-30 18:58 - 5426176 _____ (The Qt Company Ltd) C:\Program Files\Qt5Widgets.dll
2014-02-28 11:14 - 2016-04-30 18:58 - 0174872 _____ () C:\Program Files\quazip.dll
2014-06-05 15:48 - 2016-04-30 18:58 - 0349696 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Program Files\ssleay32.dll
2014-08-04 15:45 - 2016-04-30 18:58 - 11480344 _____ (TeamSpeak Systems GmbH) C:\Program Files\ts3client_win64.exe
2015-08-03 17:08 - 2015-08-03 17:08 - 0126290 _____ (TeamSpeak Systems GmbH) C:\Program Files\Uninstall.exe
2014-08-04 15:46 - 2016-04-30 18:58 - 1532184 _____ (TeamSpeak Systems GmbH) C:\Program Files\update.exe
2014-06-20 09:44 - 2016-04-30 18:58 - 0579975 _____ () C:\Program Files\usb.ids
2015-08-05 12:33 - 2015-08-05 12:34 - 1065984 _____ () C:\Users\Hanus\AppData\Local\file__0.localstorage
2016-01-03 15:06 - 2016-07-05 12:55 - 0007602 _____ () C:\Users\Hanus\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-23 08:56

==================== End of FRST.txt ============================

[DJAdam]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by Hanus (2016-07-31 17:56:24)
Running from C:\Users\Hanus\Desktop
Windows 8.1 (Update) (X64) (2015-08-02 22:34:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3812361727-838257335-1277264128-500 - Administrator - Disabled)
Guest (S-1-5-21-3812361727-838257335-1277264128-501 - Limited - Disabled)
Hanus (S-1-5-21-3812361727-838257335-1277264128-1001 - Administrator - Enabled) => C:\Users\Hanus
HomeGroupUser$ (S-1-5-21-3812361727-838257335-1277264128-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2005 - Acer)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Age of Empires III - The WarChiefs Trial (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Aktualizácie NVIDIA 2.11.3.5 (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Ansel (Version: 368.81 - NVIDIA Corporation) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CrystalDiskInfo 6.7.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.7.0 - Crystal Dew World)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3716.57 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0154 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
EE2, EE2X - Unofficial Patch 1.5 (HKLM-x32\...\EE2, EE2X - Unofficial Patch 1.5) (Version: - )
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II The Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Floris Mod Pack 2.54 (HKLM-x32\...\Floris Mod Pack_is1) (Version: - )
Freemake Video Converter verzia 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8102 - Acer Incorporated)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.135 - PandoraTV)
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Men of War: Assault Squad 2 (HKLM-x32\...\Steam App 244450) (Version: - Digitalmindsoft)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
NVIDIA 3D Vision radič ovládača 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafický ovládač 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.81 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.81 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.34.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Virtuálny zvuk Miracast 368.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 368.81 - NVIDIA Corporation)
Opera Stable 32.0.1948.69 (HKLM-x32\...\Opera 32.0.1948.69) (Version: 32.0.1948.69 - Opera Software)
Ovládací panel NVIDIA 368.81 (Version: 368.81 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.9.6 - Rockstar Games)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Sniper Elite 3 (HKLM\...\Steam App 238090) (Version: - Rebellion)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.22.0.0 - GOG.com)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD PROJEKT RED)
Vegas Pro 12.0 (64-bit) (HKLM\...\{87CEB7C0-1D35-11E2-8F19-F04DA23A5C58}) (Version: 12.0.394 - Sony)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Warships (HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {13241F71-5785-41B7-A82C-C013EE329B34} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3812361727-838257335-1277264128-1001
Task: {157853B8-99F8-433A-86BF-02E374BC6DF3} - System32\Tasks\SafeZone scheduled Autoupdate 1460888704 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {1AFB4CD0-7918-429A-8BDD-BDC63674CF9F} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-19] (Acer Incorporated)
Task: {26B5129A-7C19-4AEE-A134-087D368064F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3C0190A5-5720-4A60-8CF2-BFE0C80C2281} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-30] (AVAST Software)
Task: {84C5AF9F-7871-4A33-B3DE-5DA044729B4B} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-09] ()
Task: {8A6784D7-E7AA-4EC3-AB7C-06203DA68212} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2013-12-31] (Acer Incorporated)
Task: {90EB7AAA-E70E-4600-BD1D-C72EE4548DCE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {967A228E-5022-4189-9B92-7344A8D0BEA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {99CE1743-1169-4E83-B12F-51B9CAABF68B} - System32\Tasks\Opera scheduled Autoupdate 1441991824 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-25] (Opera Software)
Task: {AC2BDFE8-0D3D-4320-B058-B219581DA871} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {BC020A7B-62F1-480B-9042-C2C9B3EF0666} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {C9154531-98FE-4D25-8806-991275D1C4CE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {D97C07AE-3B55-4B28-A3F4-4C1683B2D310} - System32\Tasks\CAM => D:\CAM_Client_V3.exe
Task: {E74F8540-770E-4688-96E3-7F50ADEF0D81} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-14] (Microsoft Corporation)
Task: {F44092C9-A1D5-46CA-9E4B-5940AAE55AFC} - System32\Tasks\{35A8A304-51A7-409F-93C6-2B39E2849E8D} => pcalua.exe -a H:\setup.exe -d H:\

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-02-04 15:26 - 2016-07-11 01:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-06 14:18 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-04 15:59 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-05 17:52 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-06 14:18 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-05-05 17:52 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-05 17:52 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-04 15:59 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-05-05 17:52 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-05 17:52 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-05 17:52 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-02-04 15:59 - 2016-05-02 08:00 - 00167480 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2016-02-04 15:59 - 2016-05-02 08:01 - 00862776 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2016-06-30 19:00 - 2016-06-30 19:00 - 00146232 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-31 12:40 - 2016-07-31 12:40 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16073100\algo.dll
2016-06-30 19:00 - 2016-06-30 19:00 - 00479288 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-02-04 15:59 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-30 19:00 - 2016-06-30 19:00 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-17 15:18 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2016-07-31 13:13 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3812361727-838257335-1277264128-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hanus\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CCDMonitorService => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ProductUpdater"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "RGSC"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "GSplay.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\StartupApproved\Run: => "vibranceGUI"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9303AF6C-AEFD-4DFD-864D-A73602A9B920}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{BB7884FD-15CD-4216-B64E-1EA78ADD4E68}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9BC65F97-9A38-4D34-B342-8A54D64E36C1}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EA789DCF-8BED-451E-AEA4-07FD6B5372D6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{77AA6952-28EE-4C46-9033-A6ADFA8945E3}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3FC56E80-8B74-4BB8-AE6F-09C7A51595BD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{5BCD5C63-6890-44D6-92E6-7790EF464EBF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D4CC9B98-88BB-4338-86DD-FBFD604C05C8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{C46D24EE-8041-4A2B-BCCC-0C4C882FEEA2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{4DC7970B-589C-4627-A68A-E265C90D6E7E}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{571025CA-8060-4ED7-970D-EA2ECBF0E0E6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{EA48FB27-9BC9-4E3C-A16E-B9FA6CDC3BEB}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{13E0581D-964C-46B9-9A07-98F6CFDB8926}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4BA68414-E6FA-457E-B20E-60CFBAC0FDFC}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1955A99C-9A08-452F-BB29-B1C5FAAE4FEE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{39C81872-99A8-4729-98DA-4EA7E74AC653}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{2CC92D41-7EAB-4493-97A9-9602BC4F3AD9}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{06225CD6-A61F-49D5-B488-E8570579D225}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{CFA42265-2DD2-4F0B-87FB-9602FA049A0E}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{AF1F2499-1B96-41D5-911C-0DA1FB2ABE45}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{5296AAA7-4059-4130-8780-799ABE041A6E}] => (Allow) D:\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe
FirewallRules: [{238919D2-BF28-4A1C-8183-14F3DE9C85A8}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{0AD6A48A-597E-4F80-9721-EAD31173CE79}] => (Allow) D:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{90786252-8057-48D8-BB92-89CF50534A3E}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{35C09DFE-1387-4038-924B-CAF89D466BEE}D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{8201F9DB-326D-4276-B410-FB4733853ECB}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C342B4B2-FE4A-4B5B-B430-58FC7FBBAB41}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{EDC52221-D55E-4972-A9F9-BF62DAF7BC59}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{23986DBC-31B6-4EB7-B6CA-CE6CF66F2198}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4F4B5166-C767-44F5-A337-2353908DC69B}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{30910B41-9219-4073-82BD-E64CFEC4DBE7}] => (Allow) C:\Users\Hanus\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6A3245D9-7502-4BDD-A76D-B240901047C4}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{AA879E62-DD74-4B9C-91E2-E7357DFA349B}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{3121224E-FA4B-4E39-BC82-EF7B6AFB9BA8}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{BBBE37DA-6E8F-4C27-A2F4-9D0194E3E2FD}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{0C9B7925-34E7-46BA-BB35-46EB18383825}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{AF7F00D7-6D68-4EAA-9935-31F0D618C67F}] => (Allow) D:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{BB5DA14F-FFDD-4662-AF70-441A37B1D908}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D1314B6D-1CD2-4108-BBA0-6C86EB5FB4BB}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{0AB0AA26-6E63-40AA-A62F-924CC5EE38D4}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{5C764B10-B679-4A99-9BCE-79D8762580B4}] => (Allow) D:\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{E69C4306-26AC-40CF-A662-C6846D1F72C7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F1DE7C1-3CD1-4B7F-A58F-BDC675CE98AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{637538B7-6B3F-4C1A-AC64-E4C3A295C1C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F19FB852-FC7C-4AE7-B63A-62870910D202}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0CED0247-225E-4927-B632-20D55A8AD548}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{D1A18CCF-1B3A-47EC-99E5-17B19063FE6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F2F7BC7-7352-4783-B708-8569D1E0C3DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{93C28944-269F-4F7E-9F3E-750E6902C7E9}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [{87DE8601-0B00-47CA-A534-B49030AE276B}] => (Allow) D:\Steam\steamapps\common\Half-Life\hl.exe
FirewallRules: [TCP Query User{78374F0F-DA39-4090-B65A-B27C29398925}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{AE4A0F4E-CBEC-4BBC-BCC8-EE3A91035417}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{1EDDCE26-70C7-4B2D-9C8A-052B58012BCD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{201C28CD-A48D-4302-9EF0-7D4EBAAA20C1}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{EB26907A-27BF-4932-AD82-5E63388DC965}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{529FC6F7-F0AC-4900-A61D-942442292476}] => (Allow) C:\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{A0E6A943-A257-4EC7-8539-C55F6174B2F6}] => (Allow) C:\Steam\steamapps\common\Sniper Elite 3\Launcher\Sniper3Launcher.exe
FirewallRules: [{32284A41-117D-46D4-A282-96C550C0AC59}] => (Allow) LPort=9143
FirewallRules: [{E304377B-2A7B-43E8-BAA4-DD30A2DFD180}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{0004B936-F278-40CD-B4CC-495665248632}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [UDP Query User{4AB7BA3C-1A30-4260-A222-249F386EB029}D:\world of warships\wowslauncher.exe] => (Allow) D:\world of warships\wowslauncher.exe
FirewallRules: [TCP Query User{B5892D63-742C-4B3E-8D19-7388D0921CC6}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [UDP Query User{88D6B181-E07A-4DA6-860E-CC9BF14924FB}D:\warthunder\launcher.exe] => (Allow) D:\warthunder\launcher.exe
FirewallRules: [TCP Query User{EED53456-0F4C-4338-B1C7-B6CC655F7C80}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [UDP Query User{A5040517-F84F-4F2F-A5D3-0BA40A573700}D:\warthunder\win64\aces.exe] => (Allow) D:\warthunder\win64\aces.exe
FirewallRules: [{AB49FA7B-48EE-47DA-A3AA-1E7FE1213D47}] => (Allow) LPort=13139
FirewallRules: [{D11CF746-B275-4BF2-AF2A-3D66C6653F06}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\EE2.exe
FirewallRules: [{F3914DA5-F46F-4C6E-8D6C-41085EBA67D6}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\EE2X.exe
FirewallRules: [{1254E7A9-F629-4A30-BCE7-FA49ADB3C5D3}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\EnabledUP15Units\EE2.exe
FirewallRules: [{C288F39E-BA03-4727-B6EA-F92AB9C8EDBF}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\EnabledUP15Units\EE2X.exe
FirewallRules: [{635C595C-FD53-4964-A541-868C209B6893}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\DisabledUP15Units\EE2.exe
FirewallRules: [{A58D01F9-520D-4FBB-BBE8-8B46465F4C38}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\DisabledUP15Units\EE2X.exe
FirewallRules: [{E30234E7-5E6C-4DCE-8F07-E961152B191F}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\EnabledUP15UnitsDX9\EE2.exe
FirewallRules: [{2054DDD6-BE76-472B-BCA5-653C971E3D73}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\EnabledUP15UnitsDX9\EE2X.exe
FirewallRules: [{BB1984C0-F3B4-4BD3-A3B2-BE00BF6786E6}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\DisabledUP15UnitsDX9\EE2.exe
FirewallRules: [{3646474A-AA01-408E-BEA8-15BDBBA714CB}] => (Allow) C:\Program Files (x86)\Sierra\Empire Earth II\Unofficial Patch Files\DisabledUP15UnitsDX9\EE2X.exe
FirewallRules: [TCP Query User{5C3E7471-0F58-4044-A447-1FA01CAF0CEE}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{3DC07399-5CFB-4BFD-B996-E9656EA88C10}D:\grand theft auto v\gta5.exe] => (Allow) D:\grand theft auto v\gta5.exe

==================== Restore Points =========================

23-07-2016 12:38:16 Instalováno Empire Earth II
23-07-2016 12:41:22 Instalováno Empire Earth II The Art of Supremacy
25-07-2016 11:14:42 Odstraněno Empire Earth II
25-07-2016 11:15:39 Odstraněno Empire Earth II The Art of Supremacy
25-07-2016 11:19:47 Instalováno Empire Earth II
25-07-2016 11:22:08 Instalováno Empire Earth II The Art of Supremacy
26-07-2016 10:40:56 Installed DirectX
26-07-2016 10:42:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
26-07-2016 10:43:10 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
27-07-2016 11:12:36 Inštalátor modulov systému Windows
27-07-2016 11:16:53 Installed Grand Theft Auto V
27-07-2016 11:18:24 Installed Grand Theft Auto V
27-07-2016 15:47:50 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
27-07-2016 15:48:34 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918
27-07-2016 15:49:39 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
27-07-2016 15:50:07 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918
27-07-2016 17:59:18 ASU_MSI_TRAN
30-07-2016 15:58:40 JRT Pre-Junkware Removal
31-07-2016 13:12:25 zoek.exe restore point

==================== Faulty Device Manager Devices =============

Name: DAEMON Tools Lite Virtual USB Bus
Description: DAEMON Tools Lite Virtual USB Bus
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Disc Soft Ltd
Service: dtliteusbbus
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: DAEMON Tools Lite Virtual SCSI Bus
Description: DAEMON Tools Lite Virtual SCSI Bus
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Disc Soft Ltd
Service: dtlitescsibus
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/31/2016 05:53:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: chrome.exe, verzia: 51.0.2704.103, časová značka: 0x57610a1f
Názov chybujúceho modulu: ntdll.dll, verzia: 6.3.9600.18233, časová značka: 0x56bb4e1d
Kód výnimky: 0xc0000018
Odstup chyby: 0x0009d3c2
Identifikácia chybujúceho procesu: 0x1178
Čas spustenia chybujúcej aplikácie: 0xchrome.exe0
Cesta chybujúcej aplikácie: chrome.exe1
Cesta chybujúceho modulu: chrome.exe2
Identifikácia hlásenia: chrome.exe3
Celé meno chybujúceho balíka: chrome.exe4
Identifikácia chybujúcej aplikácie vzhľadom na balík: chrome.exe5

Error: (07/31/2016 05:47:44 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (07/31/2016 05:45:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: usbhubC:\WINDOWS\system32\usbperf.dll8

Error: (07/31/2016 05:45:42 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: Unable to read the "First Counter" value under the usbperf\Performance Key. Status codes returned in data.

Error: (07/31/2016 05:45:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (07/31/2016 01:28:06 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nedajú sa získať informácie databázy registry počítadla výkonu pre WSearchIdxPi pre inštanciu následkom tejto chyby: Operácia sa úspešne dokončila. 0x0.

Error: (07/31/2016 01:28:04 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog

Error: (07/31/2016 01:28:01 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Performance monitoring cannot be initialized for the gatherer service, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Error: (07/31/2016 08:25:51 AM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nedajú sa získať informácie databázy registry počítadla výkonu pre WSearchIdxPi pre inštanciu následkom tejto chyby: Operácia sa úspešne dokončila. 0x0.

Error: (07/31/2016 08:25:48 AM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Performance monitoring cannot be initialized for the gatherer object, because the counters are not loaded or the shared memory object cannot be opened. This only affects availability of the perfmon counters. Restart the computer.

Context: Application, SystemIndex Catalog


System errors:
=============
Error: (07/31/2016 05:34:37 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/31/2016 05:34:07 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/31/2016 01:26:31 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (07/31/2016 01:26:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa nepodarilo spustiť.

Cesta k modulu: C:\WINDOWS\system32\athExt.dll
Kód chyby: 126

Error: (07/31/2016 01:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/31/2016 01:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/31/2016 01:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/31/2016 01:22:23 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/31/2016 01:22:22 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (07/31/2016 01:07:24 PM) (Source: DCOM) (EventID: 10010) (User: Hanus-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
Date: 2016-01-24 08:50:38.540
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-23 08:18:38.571
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 16:09:36.388
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-22 13:31:05.880
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-21 13:31:45.144
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-20 13:35:30.403
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-19 16:57:46.618
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-19 14:04:57.579
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-18 13:47:16.994
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-01-17 08:37:20.307
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 15%
Total physical RAM: 8131.32 MB
Available physical RAM: 6846.86 MB
Total Virtual: 12723.32 MB
Available Virtual: 11324.36 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:223.88 GB) (Free:85 GB) NTFS
Drive d: (DATA) (Fixed) (Total:223.88 GB) (Free:47.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1761ADAE)

Partition: GPT.

==================== End of Addition.txt ============================

[jaro3]

Disk OK.

Vyčisti systém CCleanerem


Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f102-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f10b-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
2016-07-07 10:06 - 2016-06-19 08:20 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
2016-07-07 10:06 - 2016-06-19 08:20 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-07 09:53 - 2016-06-19 08:20 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59
2016-07-07 09:53 - 2016-06-19 08:20 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {26B5129A-7C19-4AEE-A134-087D368064F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {967A228E-5022-4189-9B92-7344A8D0BEA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F44092C9-A1D5-46CA-9E4B-5940AAE55AFC} - System32\Tasks\{35A8A304-51A7-409F-93C6-2B39E2849E8D} => pcalua.exe -a H:\setup.exe -d H:\
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

[DJAdam]

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016
Ran by Hanus (2016-08-01 10:54:09) Run:1
Running from C:\Users\Hanus\Desktop
Loaded Profiles: Hanus (Available Profiles: Hanus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f102-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {3ca7f10b-393b-11e6-847c-448a5b9b27f4} - "F:\autorun.exe"
HKU\S-1-5-21-3812361727-838257335-1277264128-1001\...\MountPoints2: {fc200d97-2671-11e6-8453-448a5b9b27f4} - "F:\autorun.exe"
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-3812361727-838257335-1277264128-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
2016-07-07 10:06 - 2016-06-19 08:20 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job
2016-07-07 10:06 - 2016-06-19 08:20 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-07 09:53 - 2016-06-19 08:20 - 00003936 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59
2016-07-07 09:53 - 2016-06-19 08:20 - 00003700 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
Task: {26B5129A-7C19-4AEE-A134-087D368064F3} - System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {967A228E-5022-4189-9B92-7344A8D0BEA8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F44092C9-A1D5-46CA-9E4B-5940AAE55AFC} - System32\Tasks\{35A8A304-51A7-409F-93C6-2B39E2849E8D} => pcalua.exe -a H:\setup.exe -d H:\
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ca7f102-393b-11e6-847c-448a5b9b27f4}" => key removed successfully
HKCR\CLSID\{3ca7f102-393b-11e6-847c-448a5b9b27f4} => key not found.
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3ca7f10b-393b-11e6-847c-448a5b9b27f4}" => key removed successfully
HKCR\CLSID\{3ca7f10b-393b-11e6-847c-448a5b9b27f4} => key not found.
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fc200d97-2671-11e6-8453-448a5b9b27f4}" => key removed successfully
HKCR\CLSID\{fc200d97-2671-11e6-8453-448a5b9b27f4} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3812361727-838257335-1277264128-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59 => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26B5129A-7C19-4AEE-A134-087D368064F3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26B5129A-7C19-4AEE-A134-087D368064F3}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59 => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{967A228E-5022-4189-9B92-7344A8D0BEA8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{967A228E-5022-4189-9B92-7344A8D0BEA8}" => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F44092C9-A1D5-46CA-9E4B-5940AAE55AFC}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F44092C9-A1D5-46CA-9E4B-5940AAE55AFC}" => key removed successfully
C:\WINDOWS\System32\Tasks\{35A8A304-51A7-409F-93C6-2B39E2849E8D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{35A8A304-51A7-409F-93C6-2B39E2849E8D}" => key removed successfully
C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => not found.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0cd9ff5d8ba59.job => not found.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21089045 B
Java, Flash, Steam htmlcache => 375739033 B
Windows/system/drivers => 12701584 B
Edge => 0 B
Chrome => 341152535 B
Firefox => 0 B
Opera => 125952 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 432 B
LocalService => 812 B
NetworkService => 0 B
Hanus => 130320161 B

RecycleBin => 0 B
EmptyTemp: => 848.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:54:21 ====

[jaro3]

Co problémy?

[DJAdam]

Bohužial windows je stále zasekaný aj ked trochu to ustúpilo ale ked preklikávam cez windows alebo tam chcem niečo hladať,proste všetko sa to zasekáva,dlho trvá kým sa niečo otvorí tak isto sa aj PC dlho zapína..po ukázaní loga Acer pri zapínani PC je asi 20 sekund čierna obrazovka a potom sa pomalinky zapína windows,ikonky sa po častiach načítavaju a trvá asi 3 minuty kým sa to odseká a dá sa to používať

[jaro3]

zadej si ještě téma do sekce problémy s HW.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.



Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.

[DJAdam]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-08-02 12:20:33
-----------------------------
12:20:33.482 OS Version: Windows x64 6.2.9200
12:20:33.482 Number of processors: 4 586 0x3C03
12:20:33.482 ComputerName: HANUS-PC UserName: Hanus
12:20:35.061 Initialize success
12:20:35.061 VM: initialized successfully
12:20:35.061 VM: Intel CPU supported virtualized
12:20:42.750 VM: supported disk I/O storport.sys
12:20:50.736 AVAST engine defs: 16080102
12:21:00.378 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000030
12:21:00.378 Disk 0 Vendor: WDC_WD5000AAKX-22ERMA0 17.01H17 Size: 476940MB BusType: 11
12:21:00.504 VM: Disk 0 MBR read successfully
12:21:00.504 Disk 0 MBR scan
12:21:00.504 Disk 0 unknown MBR code
12:21:00.504 Disk 0 Partition 1 00 EE GPT 2097151 MB offset 1
12:21:00.551 Disk 0 scanning C:\WINDOWS\system32\drivers
12:21:10.771 Service scanning
12:21:31.101 Modules scanning
12:21:31.101 Disk 0 trace - called modules:
12:21:31.117 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll storahci.sys
12:21:31.117 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001a0cc4060]
12:21:31.117 3 CLASSPNP.SYS[fffff800a1c02170] -> nt!IofCallDriver -> [0xffffe001a0a93e50]
12:21:31.117 5 ACPI.sys[fffff800a10aac21] -> nt!IofCallDriver -> \Device\00000030[0xffffe001a0aa3750]
12:21:31.742 AVAST engine scan C:\WINDOWS
12:21:33.368 AVAST engine scan C:\WINDOWS\system32
12:24:16.907 AVAST engine scan C:\WINDOWS\system32\drivers
12:24:29.940 AVAST engine scan C:\Users\Hanus
12:28:04.683 File: C:\Users\Hanus\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
12:28:47.106 AVAST engine scan C:\ProgramData
12:31:42.124 Disk 0 statistics 3892960/0/5 @ 3,80 MB/s
12:31:42.124 Scan finished successfully
12:33:17.757 Disk 0 MBR has been saved successfully to "C:\Users\Hanus\Desktop\MBR.dat"
12:33:17.772 The log file has been saved successfully to "C:\Users\Hanus\Desktop\aswMBR.txt"

[DJAdam]

OTL logfile created on: 2.8.2016 12:35:00 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hanus\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18378)
Locale: 0000041B | Country: Slovensko | Language: SKY | Date Format: d.M.yyyy

7,94 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,69% Memory free
12,43 Gb Paging File | 10,84 Gb Available in Paging File | 87,26% Paging File free
Paging file location(s): c:\pagefile.sys 4592 9184 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,88 Gb Total Space | 87,69 Gb Free Space | 39,17% Space Free | Partition Type: NTFS
Drive D: | 223,88 Gb Total Space | 47,86 Gb Free Space | 21,38% Space Free | Partition Type: NTFS

Computer Name: HANUS-PC | User Name: Hanus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Hanus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamNetworkSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation)
SRV:64bit: - (Disc Soft Lite Bus Service) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Disc Soft Ltd)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (UEIPSvc) -- C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (acer)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe (NVIDIA Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GalaxyClientService) -- C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe (GOG.com)
SRV - (GalaxyCommunication) -- C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe (GOG.com)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (BEService) -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe ()
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (ASGT) -- C:\Windows\SysWOW64\ASGT.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (TrueSight) -- C:\Windows\SysNative\drivers\TrueSight.sys ()
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswsp.sys (AVAST Software)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVVADARM) -- C:\Windows\SysNative\drivers\nvvadarm.sys (NVIDIA Corporation)
DRV:64bit: - (aswVmm) -- C:\WINDOWS\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\WINDOWS\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (dtliteusbbus) -- C:\Windows\SysNative\drivers\dtliteusbbus.sys (Disc Soft Ltd)
DRV:64bit: - (dtlitescsibus) -- C:\Windows\SysNative\drivers\dtlitescsibus.sys (Disc Soft Ltd)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (NVFLASH) -- C:\Windows\SysNative\drivers\nvflash.sys ()
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (RtkIOAC60) -- C:\Windows\SysNative\drivers\RtkIOAC60.sys (Realtek semiconductor corp)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk-SK
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CA 36 03 36 0C D5 D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy =
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2: C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.06.30 19:00:47 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2016.06.30 19:00:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.06.30 19:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016.06.30 19:00:46 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_1\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.81_1\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_1\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\11.1.0.955_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Hanus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5116.418.1.13_1\

O1 HOSTS File: ([2016.07.31 13:13:27 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [GalaxyClient] File not found
O4 - HKCU..\Run: [Spotify Web Helper] C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45EBB24D-83FA-43A8-B741-2F2DCFC276C4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DDE0E17-7512-4773-AE02-D9007D1B58DA}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\System32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)