Kontrola logu, velké využití RAM

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Odpovědět
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 15 dub 2016 19:41

HJT log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:52, on 15.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)

FIREFOX: 45.0.2 (x86 cs)
Boot mode: Normal

Running processes:
D:\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\Patrik\Desktop\Kontrola PC\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Patrik\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Bus Service - Disc Soft Ltd - D:\DAEMON Tools Pro\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2016 (mitsijm2016) - Autodesk, Inc. - D:\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8278 bytes
Nahoru
Reklama
Top
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod jaro3 » 16 dub 2016 09:25

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Stáhni si zde DelFix
https://toolslib.net/downloads/viewdownload/2-delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7 a 8, musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt


Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 16 dub 2016 12:16

Co se týče problémů tak se rapidně zvýšila doba náběhu OS. Doba od zadání hesla po naběhnutí plochy a všech ikon trvá klidně i 3minuty. Jinak RAM se většinou pohybuje kolem 45%.

DelFix log:

# DelFix v1.012 - Logfile created 16/04/2016 at 12:12:32
# Updated 04/03/2015 by Xplode
# Username : Patrik - PATRIK-PC
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ASWMBR

~ Cleaning system restore ...

Deleted : RP #467 [ComboFix created restore point | 04/16/2016 09:51:15]

New restore point created !

########## - EOF - ##########
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Orcus » 17 dub 2016 08:48

Stáhni si OTL by OldTimer
na plochu. Ujisti se , že máš zavřena všechna ostatní okna a poklepej na ikonu OTL.Nahoře v okně pod Výstup klikni na minimální výstup.Pod Běžné registry změň na Vše. Zatrhni Kontrola na havěť “LOP“ a Kontrola na havěť “ Purity“ . Klikni na Prohledat. Všechny ostatní nastavení ponech jak jsou. Sken může trvat dlouho, až skončí otevřou se dva logy:
OTL.Txt
Extras.Txt
Jsou uloženy ve stejném místě jako OTL. Oba logy sem prosím zkopíruj.
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 17 dub 2016 10:16

OTL log:

OTL logfile created on: 17.4.2016 9:59:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrik\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18282)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,85 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 57,99% Memory free
7,70 Gb Paging File | 5,29 Gb Available in Paging File | 68,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,26 Gb Total Space | 7,88 Gb Free Space | 11,54% Space Free | Partition Type: NTFS
Drive D: | 630,28 Gb Total Space | 267,84 Gb Free Space | 42,49% Space Free | Partition Type: NTFS

Computer Name: PATRIK-PC | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Patrik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\avastui.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\Patrik\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - D:\DAEMON Tools Pro\DTShellHlp.exe (Disc Soft Ltd)
PRC - D:\DAEMON Tools Pro\DiscSoftBusService.exe (Disc Soft Ltd)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - D:\DAEMON Tools Pro\MSIMG32.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (FlexNet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Flexera Software LLC)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
SRV:64bit: - (STacSV) -- C:\Program Files\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (HPSupportSolutionsFrameworkService) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Hewlett-Packard Company)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdAppMgrSvc) -- C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe (Autodesk Inc.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (Disc Soft Bus Service) -- D:\DAEMON Tools Pro\DiscSoftBusService.exe (Disc Soft Ltd)
SRV - (mitsijm2016) -- D:\Autodesk\Inventor 2016\Moldflow\bin\mitsijm.exe (Autodesk, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (hpHotkeyMonitor) -- C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswvmm.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (dtscsibus) -- C:\Windows\SysNative\drivers\dtscsibus.sys (Disc Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Company)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (SPUVCbv) -- C:\Windows\SysNative\drivers\SPUVCBv_x64.sys (Sunplus)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{540CA0BA-0226-418F-81AD-CCCA7D17FC56}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.77.2: C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2: C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2016.04.15 15:24:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016.01.29 09:01:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016.04.15 15:24:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.10.06 08:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Extensions
[2016.02.24 19:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions
[2016.02.24 19:20:18 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016.04.13 10:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2016.04.15 19:09:31 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Patrik\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [ShowBatteryBar] C:\Program Files\BatteryBar\ShowBatteryBar.exe ()
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.240.0.214 83.240.0.135 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C94520B-01CF-46C0-971E-976C408EE73E}: DhcpNameServer = 83.240.0.214 83.240.0.135 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.10.13 19:56:47 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2015.10.13 21:40:33 | 000,000,000 | ---D | M] - D:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2014.07.04 13:25:46 | 000,000,000 | ---D | M] - D:\Autorádio -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 17 dub 2016 10:16

========== Files/Folders - Created Within 30 Days ==========

[2016.04.17 09:56:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Patrik\Desktop\OTL.exe
[2016.04.16 14:21:38 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\WinRAR
[2016.04.16 11:56:55 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2016.04.15 15:32:06 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016.04.15 15:25:29 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Roaming\AVAST Software
[2016.04.15 15:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2016.04.15 15:25:10 | 000,166,432 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016.04.15 15:25:09 | 000,465,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2016.04.15 15:25:09 | 000,287,528 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2016.04.15 15:25:08 | 000,074,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016.04.15 15:25:07 | 000,107,792 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2016.04.15 15:25:06 | 000,037,656 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016.04.15 15:25:05 | 000,103,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016.04.15 15:25:00 | 001,070,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2016.04.15 15:24:43 | 000,398,152 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.04.15 15:24:40 | 000,052,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.04.15 15:24:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2016.04.15 15:07:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AV
[2016.04.15 15:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AV
[2016.04.15 15:04:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2016.04.14 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\VirtualStore
[2016.04.14 20:27:41 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2016.04.14 20:27:41 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\Temp
[2016.04.14 20:12:21 | 000,000,000 | ---D | C] -- C:\Users\Patrik\AppData\Local\CrashDumps
[2016.04.14 16:46:31 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\Laborky tříska
[2016.04.13 22:05:07 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mtxoci.dll
[2016.04.13 22:05:06 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msorcl32.dll
[2016.04.13 22:05:06 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mtxoci.dll
[2016.04.13 22:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2016.04.13 22:04:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2016.04.13 22:04:54 | 003,943,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2016.04.13 22:04:54 | 002,084,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2016.04.13 22:04:54 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2016.04.13 22:04:54 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2016.04.13 22:04:53 | 005,551,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2016.04.13 22:04:53 | 003,998,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2016.04.13 22:04:53 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2016.04.13 22:04:53 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2016.04.13 22:04:53 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2016.04.13 22:04:53 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2016.04.13 22:04:53 | 000,706,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2016.04.13 22:04:53 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2016.04.13 22:04:53 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2016.04.13 22:04:53 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2016.04.13 22:04:53 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2016.04.13 22:04:52 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2016.04.13 22:04:52 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2016.04.13 22:04:52 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2016.04.13 22:04:52 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2016.04.13 22:04:52 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2016.04.13 22:04:52 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2016.04.13 22:04:52 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2016.04.13 22:04:52 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2016.04.13 22:04:52 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2016.04.13 22:04:52 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2016.04.13 22:04:52 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2016.04.13 22:04:52 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2016.04.13 22:04:52 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2016.04.13 22:04:52 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2016.04.13 22:04:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2016.04.13 22:04:52 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2016.04.13 22:04:52 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2016.04.13 22:04:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2016.04.13 22:04:52 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2016.04.13 22:04:52 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2016.04.13 22:04:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2016.04.13 22:04:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2016.04.13 22:04:51 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2016.04.13 22:04:51 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2016.04.13 22:04:51 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2016.04.13 22:04:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2016.04.13 22:04:51 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2016.04.13 22:04:51 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2016.04.13 22:04:51 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2016.04.13 22:04:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2016.04.13 22:04:51 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2016.04.13 22:04:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2016.04.13 22:04:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2016.04.13 22:04:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2016.04.13 22:04:51 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2016.04.13 22:04:51 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2016.04.13 22:04:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2016.04.13 22:04:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2016.04.13 22:04:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2016.04.13 22:04:51 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2016.04.13 22:04:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2016.04.13 22:04:50 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2016.04.13 22:04:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2016.04.13 22:04:50 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2016.04.13 22:04:29 | 000,451,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapi.dll
[2016.04.13 22:04:29 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fveapibase.dll
[2016.04.13 22:04:29 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tbs.dll
[2016.04.13 22:04:29 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tbs.dll
[2016.04.13 22:04:19 | 001,386,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.04.13 22:04:19 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.04.13 22:04:19 | 000,698,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2016.04.13 22:04:19 | 000,499,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2016.04.13 22:04:19 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2016.04.13 22:04:19 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2016.04.13 22:04:19 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2016.04.13 22:04:19 | 000,038,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.04.13 22:04:16 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2016.04.13 22:04:15 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2016.04.13 22:03:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.04.13 22:03:49 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.04.13 22:03:49 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016.04.13 22:03:49 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.04.13 22:03:49 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.04.13 22:03:48 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.04.13 22:03:47 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.04.13 22:03:47 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.04.13 22:03:47 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016.04.13 22:03:47 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.04.13 22:03:47 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.04.13 22:03:47 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.04.13 22:03:47 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.04.13 22:03:45 | 002,056,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.04.13 22:03:45 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.04.13 22:03:45 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.04.13 22:03:45 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.04.13 22:03:45 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.04.13 22:03:45 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.04.13 22:03:44 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.04.13 22:03:44 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.04.13 22:03:43 | 000,806,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.04.13 22:03:43 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.04.13 22:03:43 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.04.13 22:03:43 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.04.13 22:03:42 | 002,131,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.04.13 22:03:42 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.04.13 22:03:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.04.13 22:03:41 | 000,571,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.04.13 22:03:41 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.04.13 22:03:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.04.13 22:03:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.04.13 22:03:39 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.04.13 22:03:39 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.04.13 22:03:39 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.04.13 22:03:38 | 006,052,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.04.13 22:03:38 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.04.13 22:03:38 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.04.13 22:03:38 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.04.13 22:03:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.04.13 22:03:37 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.04.13 22:03:37 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.04.13 22:03:37 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.04.13 21:36:33 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\2. laborka motory II
[2016.04.13 21:35:46 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\Kontrola PC
[2016.04.13 21:35:06 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\1. laborka motory I
[2016.04.13 20:27:10 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2016.04.13 10:58:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2016.04.12 19:25:49 | 000,192,216 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.04.12 19:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2016.04.12 19:25:07 | 000,140,672 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2016.04.12 19:25:07 | 000,064,896 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2016.04.12 19:25:07 | 000,027,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2016.04.12 19:25:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2016.04.12 19:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2016.04.10 12:21:20 | 000,000,000 | ---D | C] -- C:\Users\Patrik\Desktop\OldVersions
[2016.03.30 17:42:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

========== Files - Modified Within 30 Days ==========

[2016.04.17 10:03:22 | 000,028,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016.04.17 10:03:22 | 000,028,048 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016.04.17 09:56:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Patrik\Desktop\OTL.exe
[2016.04.17 09:50:14 | 000,000,095 | ---- | M] () -- C:\Users\Patrik\.accessibility.properties
[2016.04.17 09:49:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016.04.17 09:49:45 | 3102,130,176 | -HS- | M] () -- C:\hiberfil.sys
[2016.04.16 19:28:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016.04.16 17:24:32 | 001,593,238 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2016.04.16 17:24:32 | 000,672,408 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2016.04.16 17:24:32 | 000,657,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2016.04.16 17:24:32 | 000,142,972 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2016.04.16 17:24:32 | 000,123,218 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2016.04.16 11:57:52 | 000,737,938 | ---- | M] () -- C:\Users\Patrik\Documents\cc_20160416_115744.reg
[2016.04.15 19:09:31 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2016.04.15 15:25:18 | 000,287,528 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys
[2016.04.15 15:24:41 | 000,465,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2016.04.15 15:24:41 | 000,398,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2016.04.15 15:24:41 | 000,166,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2016.04.15 15:24:41 | 000,107,792 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2016.04.15 15:24:41 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2016.04.15 15:24:41 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2016.04.15 15:24:41 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2016.04.15 15:24:40 | 000,052,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016.04.15 15:24:38 | 001,070,904 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2016.04.15 15:00:23 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2016.04.14 22:06:36 | 000,000,144 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016.04.14 21:39:43 | 000,139,264 | ---- | M] () -- C:\Users\Patrik\Desktop\křídlo s kotama.ipt
[2016.04.14 19:53:14 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2016.04.14 19:26:41 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.04.14 08:01:07 | 000,521,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2016.04.13 21:39:40 | 000,101,376 | ---- | M] () -- C:\Users\Patrik\Desktop\křídlo bez obr..ipt
[2016.04.13 10:29:02 | 000,192,216 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2016.04.11 17:17:03 | 000,007,605 | ---- | M] () -- C:\Users\Patrik\AppData\Local\resmon.resmoncfg
[2016.04.07 19:28:21 | 000,797,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2016.04.07 19:28:21 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2016.04.07 18:22:51 | 000,605,078 | ---- | M] () -- C:\Users\Patrik\Desktop\Metodika tréninku a tréninkový plán pro studenty Univerzity obrany.pdf
[2016.04.07 18:12:00 | 002,705,490 | ---- | M] () -- C:\Users\Patrik\Desktop\Trenink_v_posilovne_original_12.pdf
[2016.04.06 19:35:35 | 002,212,426 | ---- | M] () -- C:\Users\Patrik\Desktop\BP křivánek.pdf
[2016.04.05 09:53:49 | 001,568,888 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2016.04.04 20:14:06 | 000,038,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\CompatTelRunner.exe
[2016.04.04 20:02:17 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2016.04.02 15:08:13 | 001,386,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2016.03.31 02:40:26 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2016.03.31 02:28:08 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2016.03.31 02:28:00 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2016.03.31 02:27:35 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2016.03.31 02:27:33 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2016.03.31 02:27:19 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2016.03.31 02:25:33 | 006,052,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2016.03.31 02:21:29 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2016.03.31 02:19:04 | 000,615,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2016.03.31 02:17:56 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2016.03.31 02:17:56 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2016.03.31 02:17:47 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2016.03.31 02:17:39 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2016.03.31 02:11:12 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2016.03.31 02:08:07 | 000,489,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2016.03.31 02:00:50 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2016.03.31 01:59:38 | 000,107,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2016.03.31 01:57:14 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2016.03.31 01:56:41 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2016.03.31 01:55:48 | 000,315,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2016.03.31 01:53:18 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2016.03.31 01:52:58 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2016.03.31 01:52:36 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2016.03.31 01:52:30 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2016.03.31 01:52:15 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2016.03.31 01:48:14 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2016.03.31 01:46:41 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2016.03.31 01:45:41 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2016.03.31 01:45:40 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2016.03.31 01:45:24 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2016.03.31 01:43:29 | 000,725,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2016.03.31 01:43:00 | 000,806,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2016.03.31 01:42:16 | 002,131,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2016.03.31 01:42:11 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2016.03.31 01:34:28 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2016.03.31 01:33:46 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2016.03.31 01:31:51 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2016.03.31 01:31:12 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2016.03.31 01:29:26 | 000,130,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2016.03.31 01:23:09 | 002,056,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2016.03.31 01:22:53 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2016.03.31 01:06:05 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2016.03.31 01:00:46 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2016.03.30 17:42:01 | 000,097,856 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2016.03.23 16:02:01 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll

========== Files Created - No Company Name ==========

[2016.04.16 11:57:50 | 000,737,938 | ---- | C] () -- C:\Users\Patrik\Documents\cc_20160416_115744.reg
[2016.04.14 22:06:36 | 000,000,144 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2016.04.14 21:39:42 | 000,139,264 | ---- | C] () -- C:\Users\Patrik\Desktop\křídlo s kotama.ipt
[2016.04.14 20:27:41 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.04.13 21:39:38 | 000,101,376 | ---- | C] () -- C:\Users\Patrik\Desktop\křídlo bez obr..ipt
[2016.04.13 20:28:05 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2016.04.07 18:22:45 | 000,605,078 | ---- | C] () -- C:\Users\Patrik\Desktop\Metodika tréninku a tréninkový plán pro studenty Univerzity obrany.pdf
[2016.04.07 18:11:56 | 002,705,490 | ---- | C] () -- C:\Users\Patrik\Desktop\Trenink_v_posilovne_original_12.pdf
[2016.04.06 19:35:32 | 002,212,426 | ---- | C] () -- C:\Users\Patrik\Desktop\BP křivánek.pdf
[2016.01.11 13:29:48 | 000,001,332 | ---- | C] () -- C:\Windows\SysWow64\RunInfo.ini
[2015.09.29 12:44:35 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2015.09.28 12:21:57 | 000,000,095 | ---- | C] () -- C:\Users\Patrik\.accessibility.properties
[2015.09.28 12:15:09 | 000,670,205 | ---- | C] () -- C:\Windows\SysWow64\poclbm130302Intel(R) HD Graphics 4000gv1w256l4.bin
[2015.08.22 04:32:54 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2015.08.22 04:32:54 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2015.08.22 03:54:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2015.08.22 03:54:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2015.08.22 03:49:02 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2015.08.22 03:49:00 | 000,189,952 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2015.08.22 03:42:38 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2015.04.09 14:24:40 | 000,000,045 | ---- | C] () -- C:\Users\Patrik\jagex_cl_oldschool_LIVE.dat
[2015.04.09 14:21:23 | 000,000,045 | ---- | C] () -- C:\Users\Patrik\jagex_cl_runescape_LIVE.dat
[2015.04.09 14:21:23 | 000,000,024 | R--- | C] () -- C:\Users\Patrik\random.dat
[2014.12.05 18:01:50 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2014.12.05 16:14:37 | 000,007,605 | ---- | C] () -- C:\Users\Patrik\AppData\Local\resmon.resmoncfg
[2014.12.04 11:17:22 | 000,184,320 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014.12.04 11:17:22 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
[2013.10.30 22:25:45 | 000,000,000 | ---- | C] () -- C:\Users\Patrik\regbcm

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.01.22 08:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.01.22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.12.05 18:01:48 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\AMD
[2015.10.27 12:45:21 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Autodesk
[2016.04.15 15:25:29 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\AVAST Software
[2015.11.16 18:10:18 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\BatteryBar
[2013.11.21 11:55:13 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Lite
[2015.06.13 17:31:40 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\DAEMON Tools Pro
[2013.10.21 18:12:41 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\driveridentifier
[2015.11.13 20:29:13 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Euro Truck Simulator 2
[2016.04.15 15:02:34 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\HLSW
[2014.03.19 20:33:27 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\IDT
[2013.11.14 20:54:49 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Leadertech
[2014.05.26 17:38:01 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\library_dir
[2013.11.23 12:27:49 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Maxthon3
[2015.09.30 19:58:38 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\PhotoScape
[2015.04.22 18:58:25 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\RobotSoft
[2016.01.20 21:26:36 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Seznam Browser
[2013.10.30 22:57:15 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Seznam.cz
[2013.10.18 17:14:03 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Synaptics
[2013.11.01 20:28:58 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\Unity
[2013.12.02 19:33:49 | 000,000,000 | ---D | M] -- C:\Users\Patrik\AppData\Roaming\wargaming.net

========== Purity Check ==========



< End of report >
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 17 dub 2016 10:17

Extras log:

OTL Extras logfile created on: 17.4.2016 9:59:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Patrik\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18282)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,85 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 57,99% Memory free
7,70 Gb Paging File | 5,29 Gb Available in Paging File | 68,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 68,26 Gb Total Space | 7,88 Gb Free Space | 11,54% Space Free | Partition Type: NTFS
Drive D: | 630,28 Gb Total Space | 267,84 Gb Free Space | 42,49% Space Free | Partition Type: NTFS

Computer Name: PATRIK-PC | User Name: Patrik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0027F7D3-7404-4B33-8B03-BA1833A4CC91}" = rport=137 | protocol=17 | dir=out | app=system |
"{033DF0AA-4A3F-49BC-B15E-B72D89D33B42}" = rport=10243 | protocol=6 | dir=out | app=system |
"{04B53924-5547-44CB-ACD4-69C33842DB58}" = lport=27022 | protocol=6 | dir=in | name=war thunder |
"{119453DB-B43E-4AA1-9FD1-DA96383CA0B3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{19D18B12-9167-4EE7-A7EB-A4E1819B3754}" = lport=7850 | protocol=6 | dir=in | name=war thunder |
"{1C646D6F-A741-4AC8-B9CD-6FAA788CB2CC}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1D044DB9-7D3C-4839-BFB8-7D842D272AC4}" = rport=445 | protocol=6 | dir=out | app=system |
"{1D8D593A-A295-471B-8141-C90FEE4B630F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1FF8E570-FAA6-4F9F-874A-5FD124AE9C1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2273B832-075F-4660-8D21-DC867CB1AF97}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{291A3046-11E1-461B-B937-AB94864355B0}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2A337EFC-AA6C-43DA-A72F-3B32FE94511C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2BDA7187-4AD2-4FCC-BACF-D880200DB1D6}" = lport=20010 | protocol=17 | dir=in | name=war thunder |
"{30D7D7BA-F8F4-4D76-96CD-0C1A0F896E13}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{37E745FB-21C1-4505-BD35-DA4FE46877AC}" = lport=6881 | protocol=6 | dir=in | name=war thunder |
"{3BA0D42C-F3E7-439A-B447-0B6BDC7E4182}" = lport=443 | protocol=6 | dir=in | name=war thunder |
"{3CF6AF5A-CB4B-47BD-9AA3-FE74AFCF3FD1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{457A79F6-8B47-4323-8ED7-D3B5B18E04C0}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{487AF9FD-68E6-4C4C-8727-A3A3A4604514}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4A90DECA-4C29-427E-BFE5-C169E463AD8D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C62A210-91DC-42C7-98A2-D1AEE6201EC8}" = lport=7853 | protocol=6 | dir=in | name=war thunder |
"{5EB08BA4-02DA-4C55-A92F-0A5A5CCBED23}" = lport=80 | protocol=6 | dir=in | name=war thunder |
"{67E56174-3ABE-47EB-8343-9D2A3F5DF1A6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6E272AB7-2F0A-4850-891B-D1BF2BFC9FDE}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6E6C5E6D-AC4C-438D-A130-E7C22D5C069C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6E7DE0E1-A0E9-494E-A0AD-11229AD8F13B}" = lport=3478 | protocol=17 | dir=in | name=war thunder |
"{71F2D3BA-3F3E-4555-AA62-F5D262B93446}" = lport=138 | protocol=17 | dir=in | app=system |
"{7317CBBB-19B3-45EF-B8C2-BE60E9534E66}" = lport=33333 | protocol=6 | dir=in | name=war thunder |
"{89705047-0733-47C1-9B4F-A647B92253C4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A12D11AB-0CC8-424E-BF6E-40A25BB5581B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A411D27B-F456-4BC7-8F69-735221F81D88}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AAED91FD-7722-4C98-88F9-8007D5616751}" = rport=138 | protocol=17 | dir=out | app=system |
"{C08AA605-8275-46D9-897D-D5647EFBC19C}" = lport=7852 | protocol=6 | dir=in | name=war thunder |
"{C7E59705-022C-4929-9979-AFB8BEBB30F3}" = lport=139 | protocol=6 | dir=in | app=system |
"{CA47472F-7178-466D-8491-B00BF2145C21}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CDAC26F0-B39D-4888-953A-59AF2D700C8E}" = lport=20443 | protocol=6 | dir=in | name=war thunder |
"{D0590241-E91D-4D61-B47D-BEA863F52C6E}" = rport=139 | protocol=6 | dir=out | app=system |
"{D0D79A23-97A3-4C5C-B7DE-9B5CEDAEBA14}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D37878A2-1B53-4465-A83D-97245B3D60EE}" = lport=137 | protocol=17 | dir=in | app=system |
"{D40FD39C-68A7-4CBB-8C52-84E8F7324B04}" = lport=445 | protocol=6 | dir=in | app=system |
"{D9CBE6A6-50EF-4414-9EF5-32473B7BA2B2}" = lport=8090 | protocol=6 | dir=in | name=war thunder |
"{DC35EBE1-2763-4B7C-921E-A21E3B59F2A7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F37D88CE-B554-4B14-BA53-D33DA93E41E2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04480BFC-36AB-40A0-8926-F65A5FB7F81A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{14ECCECB-2259-48EC-A0FB-974ED168F546}" = protocol=6 | dir=in | app=d:\warthunder\launcher.exe |
"{1A7D1095-0B0F-4BE6-9C92-A421D05F917B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24840BD2-6C37-4D0A-B314-4A236447D693}" = protocol=6 | dir=out | app=system |
"{24F7353C-7E51-49BA-80DA-4F08A3B85CD2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{283C4F3D-77F2-4CC9-9FF4-D181AB4BCD1E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{387C04E8-BBBF-4E1E-96AC-762975148E81}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3D7A0A9E-D0D4-495E-A863-4A0F58317D20}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{463E6C75-B680-4746-A0D8-72CB4BD2A72C}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{488AA379-ED66-46F8-BB5F-AF3D6605F780}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{504E524E-9467-4157-B9F9-505E51AD8E2A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{53791A39-E121-4301-9504-418CE75E484E}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5D205F8F-8008-4951-82F9-0BDCD1CC1F24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5D625017-60F4-4A91-A693-27626BD95C70}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5EF3C4E9-9D29-46B7-B473-CDD352FC52F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{62616F8A-9BC8-4B3E-894C-7A57D80A778F}" = protocol=17 | dir=in | app=d:\utorrent\utorrent.exe |
"{7B19CB80-A99E-444E-9402-C3EF6F7F76EE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7D6E0BE6-CFAB-4A31-90C6-270CC70CAA51}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7E97D6C1-A58B-47E4-96CE-6C2EB0ADE247}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{82B0CD35-687C-413E-A0E9-7D181231BFC4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8B0DE8E7-E5B4-4B82-8542-8DC557BE6220}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{95F7A890-B0F1-49C7-BA03-1EF8F1A4391E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{A5FA3543-7714-4DFF-8451-5CE521AC359A}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{ACB00C28-15F4-46EE-ADC6-EBB5A83397CD}" = protocol=6 | dir=in | app=d:\utorrent\utorrent.exe |
"{AE600B7D-7B90-4BA1-BA0F-67C5659D892B}" = protocol=17 | dir=in | app=d:\winamp\winamp.exe |
"{B0A30728-1F15-4661-B0FD-FCC9C1197E4F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B5A36204-F27E-42FA-BA83-5FA848403E16}" = protocol=17 | dir=in | app=d:\warthunder\bpreport.exe |
"{C30F0AEB-F137-432A-AC74-5F6BCC777F8C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C7815C85-8EF5-4C5B-9EA9-8582B06C9D88}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D40AD06A-17B6-4C6A-A4A9-CDF0AA9FFFFE}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{D77440DA-7ED7-4F99-A033-89EDCC0AB8E5}" = protocol=6 | dir=in | app=d:\warthunder\bpreport.exe |
"{D9A44B38-D011-47F3-933C-55D53DEFD974}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EB08A1AD-B581-4749-B109-D47DF6E56EBF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EB35D9E2-1BFF-4B18-A578-D4DB0F669E4C}" = protocol=17 | dir=in | app=d:\warthunder\launcher.exe |
"{EC1861D2-861B-428A-97B4-ACF311914CA1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F1550750-DC9E-4B68-8F76-8E0D9BF5C74E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F3AAF29F-7944-4805-B5AC-FB17C6272A9E}" = protocol=6 | dir=in | app=d:\winamp\winamp.exe |
"{F90F0933-E47D-4D46-8E92-2490367F9A4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FF93B72F-D2D3-4057-8FC9-9F356D886B76}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"TCP Query User{18373C05-E10D-4310-A6BD-03800AD482ED}D:\warthunder\launcher.exe" = protocol=6 | dir=in | app=d:\warthunder\launcher.exe |
"TCP Query User{2BDF4E69-F497-4FF4-9CAD-8326093B0AB0}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{5F8727EC-A880-4CB4-B167-B988A8893C9A}D:\warthunder\aces.exe" = protocol=6 | dir=in | app=d:\warthunder\aces.exe |
"TCP Query User{6BDBB03E-6613-4C87-B5E0-2B8573036CA5}D:\warthunder\win64\aces64.exe" = protocol=6 | dir=in | app=d:\warthunder\win64\aces64.exe |
"TCP Query User{6CC5273A-4759-4A07-A9E2-7581025F1B4E}D:\warthunder\win64\aces.exe" = protocol=6 | dir=in | app=d:\warthunder\win64\aces.exe |
"TCP Query User{77B89044-F802-4D16-9EDA-E0318A6016C1}C:\users\patrik\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\patrik\appdata\local\akamai\netsession_win.exe |
"TCP Query User{847284D9-B274-4B49-9187-2CF7D4461720}D:\warthunder\win64\aces.exe" = protocol=6 | dir=in | app=d:\warthunder\win64\aces.exe |
"TCP Query User{A223CBD6-A434-41AF-B43F-4A795A0F6C54}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{D38D0FF4-4893-4187-95DC-6EF4A0D575FB}D:\warthunder\win64\aces64.exe" = protocol=6 | dir=in | app=d:\warthunder\win64\aces64.exe |
"TCP Query User{E08D4F53-C03D-4FAA-9A01-9855D1C25421}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{EA1D9197-1E4A-4359-BDFE-17EE9CE8E838}D:\warthunder\aces.exe" = protocol=6 | dir=in | app=d:\warthunder\aces.exe |
"UDP Query User{1C03F77A-3685-4EAC-8D3B-B63AFCE96A24}D:\warthunder\win64\aces64.exe" = protocol=17 | dir=in | app=d:\warthunder\win64\aces64.exe |
"UDP Query User{2705C613-ACD4-4248-A883-E8DE13AD9D99}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{2E67F550-FD6D-4C66-9DF1-0E545E75E25E}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{39AB6C2B-B1EA-40DE-A95A-E0AD919AC7AB}D:\warthunder\win64\aces64.exe" = protocol=17 | dir=in | app=d:\warthunder\win64\aces64.exe |
"UDP Query User{4AE6109E-373A-43C4-8231-B3B1005A131C}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{530E7799-C4E7-4B73-82EC-A508C2E0CECE}D:\warthunder\aces.exe" = protocol=17 | dir=in | app=d:\warthunder\aces.exe |
"UDP Query User{7CAFEE13-A6E9-4687-A6B4-960C177B8983}D:\warthunder\win64\aces.exe" = protocol=17 | dir=in | app=d:\warthunder\win64\aces.exe |
"UDP Query User{86FE16CE-A222-434B-9733-0A0D49625FB2}D:\warthunder\win64\aces.exe" = protocol=17 | dir=in | app=d:\warthunder\win64\aces.exe |
"UDP Query User{AA25D579-140E-4B26-B734-E322AEEDAAD5}D:\warthunder\launcher.exe" = protocol=17 | dir=in | app=d:\warthunder\launcher.exe |
"UDP Query User{C1FA22E2-CB99-4355-9837-3F77EBD4487A}D:\warthunder\aces.exe" = protocol=17 | dir=in | app=d:\warthunder\aces.exe |
"UDP Query User{C36D86A8-E091-47D8-892A-D5444A5B72A4}C:\users\patrik\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\patrik\appdata\local\akamai\netsession_win.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0BB716E0-1600-0210-0000-097DC2F354DF}" = Autodesk Revit Interoperability for Inventor 2016
"{1A56BE00-916E-432D-A576-EB00D2FF8450}" = Eco Materials Adviser for Autodesk Inventor 2016 (64-bit)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BE91685-1632-47FC-B563-A8A542C6664C}" = Autodesk Network License Manager
"{50813B8C-FCBB-3C61-8039-EAAA93029066}" = Microsoft .NET Framework 4.5.1 (CSY)
"{5783F2D7-0111-0409-0110-0060B0CE6BBA}" = Autodesk CAD Manager Tools
"{5783F2D7-F028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2016 - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{770EA7C3-0B5A-C557-E641-A09244603B84}" = AMD Catalyst Install Manager
"{7F4DD591-2064-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2016
"{7F4DD591-2064-0001-1029-7107D70F3DB4}" = Autodesk Inventor Professional 2016 Jazykový balíček – Čeština (Czech)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120064-0070-0000-0000-4000000FF1CE}" = Microsoft Visual Basic for Applications 7.1 (x64)
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90F60409-7000-11D3-8CFE-0150048383C9}" = Microsoft Visual Basic for Applications 7.1 (x64) English
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.1 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.6.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}" = Microsoft .NET Framework 4.6.1
"{C21E3979-74A1-B58C-7D22-36E82B86E785}" = AMD Wireless Display v3.0
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}" = Intel Processor Diagnostic Tool 64bit
"{F43B8BED-811A-6556-D548-0F3B1DDD78E3}" = AMD Drag and Drop Transcoding
"Autodesk Inventor Professional 2016" = Autodesk Inventor Professional 2016 - Čeština (Czech)
"Autodesk Inventor Professional 2016_20010" = Update 1 for Inventor 2016 (See readme for detail) (INV20010)
"Autodesk Inventor Professional 2016_20020" = Update 2 for Inventor 2016 (See readme for detail) (INV20020)
"Autodesk Revit Interoperability for Inventor 2016" = Autodesk Revit Interoperability for Inventor 2016
"BatteryBar" = BatteryBar (remove only)
"CCleaner" = CCleaner
"DWG TrueView 2016 - English" = Autodesk DWG TrueView 2016 - English
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"sp6" = Logitech SetPoint 6.67
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03E6F8D6-A7A4-7B1A-A3C6-722A6D54D355}" = PX Profile Update
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{0F7CBF80-96FF-D59E-6CB5-93A35D40D1A1}" = CCC Help Italian
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{128A4748-2438-CCE2-7A2D-EBCB6CAD4145}" = Catalyst Control Center Graphics Previews Common
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14E51EE2-64B1-E950-9042-5B0542ED4DEF}" = CCC Help Dutch
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{19208C1C-9ED3-6E67-1CAF-17D6977B5B32}" = CCC Help Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{231ABC1A-D27E-3642-9EC4-073A11B63D8B}" = CCC Help Danish
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.0
"{254E1A18-D912-992A-9996-9A1CB95AD4C2}" = CCC Help Spanish
"{26A24AE4-039D-4CA4-87B4-2F83218077F0}" = Java 8 Update 77
"{29A7D6EC-63C2-42FD-8143-5812ABD2923F}" = Autodesk Material Library 2016
"{2F3EBEAE-E981-0F2F-E3DF-51652B49F81D}" = Catalyst Control Center Localization All
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{414B7A38-3B6D-5481-360D-2A4F971C705B}" = PX Profile Update
"{4840B728-D26C-85D9-1A56-5FD51D703404}" = CCC Help Swedish
"{49F56830-C5F7-1FC5-DB84-C7EBA5A939E5}" = CCC Help Portuguese
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4CBF3C32-BB4B-465D-3888-5C30F102615C}" = CCC Help Chinese Standard
"{55B85A06-5293-9262-F492-6F38656FBA49}" = CCC Help Hungarian
"{563941AA-C055-4FAA-8B04-A4E024A61F7E}" = Autodesk Configurator 360 addin
"{59DB38EB-F864-4E10-841D-38CFBCF864B0}" = Intel(R) Driver Update Utility 2.0
"{5BBFE8AA-18F2-A41E-F6F3-4F035E4FFEC1}" = CCC Help Czech
"{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}" = Autodesk Material Library Base Resolution Image Library 2016
"{6DA2B636-698A-3294-BF4A-B5E11B238CDD}" = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{79BBB47F-F148-4A81-3761-5296D091CBC9}" = CCC Help Chinese Traditional
"{8409c4f7-2340-4933-a304-5d37db4fb48b}" = Intel® Driver Update Utility
"{85CEACAF-A84C-933B-AC01-8B0881B70A24}" = CCC Help Thai
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{88ACE193-FA96-C954-4BC5-11A2094C9B44}" = CCC Help Finnish
"{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}" = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0D82FA4-A1CB-2FA4-9B7E-1B1175A3305D}" = CCC Help Russian
"{A8F9370F-3847-617C-84DC-C9597F51BFE8}" = AMD Catalyst Control Center
"{AC76BA86-0804-1033-1959-001824166751}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AE2F1669-5B1F-47C5-B639-78D74DD0BCE4}" = HP 3D DriveGuard
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{BB5D8339-5A8D-BE2F-A250-5F96DFFE18A6}" = CCC Help English
"{BBC57E85-BD83-BB98-78D7-E1A4AF7C4D1A}" = CCC Help German
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}" = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
"{C807BEFB-0F17-41AC-B307-D7B5E1553040}" = HP Hotkey Support
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1" = aTube Catcher verze 3.8
"{D562B3BB-4405-4FA8-BCE2-D5DB89E8D5CE}" = HP ESU for Microsoft Windows 7
"{D93AB0C2-4CA3-BF26-2C4D-F1D07164157F}" = CCC Help Polish
"{D961304C-0ABB-F70B-02ED-1DB9D9B48FCC}" = CCC Help Norwegian
"{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}" = HP Support Solutions Framework
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1" = War Thunder Launcher 1.0.1.542
"{EE370BAD-5C4D-1BC6-E700-AB037DE9D56C}" = CCC Help Japanese
"{F03BA3F0-9DF3-D250-160B-29E1EF2A1D12}" = CCC Help Turkish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}" = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
"{F915BA35-D0BE-55B4-CC1A-E199619089FC}" = CCC Help French
"{FA255A2B-F1B2-B28E-7533-920B2412B2E7}" = CCC Help Korean
"{FA5DF4D1-CD59-4183-B3D4-779A56498786}" = Autodesk Material Library Low Resolution Image Library 2016
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"AC3Filter_is1" = AC3Filter 2.0a
"Adobe Flash Player NPAPI" = Adobe Flash Player 21 NPAPI
"Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01_is1" = Assassin's Creed 4.Black Flag.Deluxe Edition.v 1.01
"aTube Catcher" = aTube Catcher
"Autodesk Application Manager" = Autodesk Application Manager
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Avast" = Avast Free Antivirus
"DAEMON Tools Pro" = DAEMON Tools Pro
"Euro Truck Simulator 2_R.G. Mechanics_is1" = Euro Truck Simulator 2
"Hi Suite" = HiSuite
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.2.1.1043
"Mozilla Firefox 45.0.2 (x86 cs)" = Mozilla Firefox 45.0.2 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Pharaoh Gold Bundle_is1" = Pharaoh Gold Bundle
"ResourceHacker_is1" = Resource Hacker Version 3.6.0
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sunplus SPUVCb" = HP HD Webcam Driver
"The KMPlayer" = KMPlayer (remove only)
"Winamp" = Winamp
"WinRAR archiver" = WinRAR

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8.4.2016 16:32:10 | Computer Name = Patrik-PC | Source = Application Hang | ID = 1002
Description = Program Inventor.exe verze 20.0.13800.0 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1854 Čas spuštění: 01d191d572a2cc43 Čas ukončení: 77 Cesta k aplikaci: D:\Autodesk\INVENT~1\Bin\Inventor.exe

ID
hlášení: f5fe8e82-fdc8-11e5-afcc-a45d36c8c826

Error - 10.4.2016 7:35:09 | Computer Name = Patrik-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: WINWORD.EXE, verze: 14.0.7167.5001, časové
razítko: 0x56c5a26b Název chybujícího modulu: mso.dll, verze: 14.0.7166.5000, časové
razítko: 0x56968520 Kód výjimky: 0xc0000005 Posun chyby: 0x000000000005ef56 ID chybujícího
procesu: 0x14d8 Čas spuštění chybující aplikace: 0x01d1930a20dc394f Cesta k chybující
aplikaci: C:\Program Files\Microsoft Office\Office14\WINWORD.EXE Cesta k chybujícímu
modulu: C:\Program Files\Common Files\Microsoft Shared\office14\mso.dll ID zprávy:
474a2716-ff10-11e5-8399-a45d36c8c826

Error - 10.4.2016 8:47:53 | Computer Name = Patrik-PC | Source = Application Hang | ID = 1002
Description = Program firefox.exe verze 45.0.1.5918 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
1630 Čas spuštění: 01d193265d35a060 Čas ukončení: 30 Cesta k aplikaci: C:\Program
Files (x86)\Mozilla Firefox\firefox.exe ID hlášení: 4410a905-ff1a-11e5-8399-a45d36c8c826


Error - 10.4.2016 8:47:53 | Computer Name = Patrik-PC | Source = Application Hang | ID = 1002
Description = Program utorrent.exe verze 2.2.1.25534 přestal spolupracovat se systémem
Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto
problému, vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu:
158 Čas spuštění: 01d1931f53f161be Čas ukončení: 3 Cesta k aplikaci: D:\uTorrent\utorrent.exe

ID
hlášení: 4a616be2-ff1a-11e5-8399-a45d36c8c826

Error - 13.4.2016 14:40:12 | Computer Name = Patrik-PC | Source = ESENT | ID = 490
Description = DllHost (1404) WebCacheLocal: Pokus o otevření souboru C:\Users\Patrik\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 13.4.2016 14:40:22 | Computer Name = Patrik-PC | Source = ESENT | ID = 490
Description = DllHost (1404) WebCacheLocal: Pokus o otevření souboru C:\Users\Patrik\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat
pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces
nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření
souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error - 14.4.2016 13:53:51 | Computer Name = Patrik-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddWin32ServiceFiles: Unable to back up image of service HiSuiteOuc64.exe
since QueryServiceConfig API failed System Error: Systém nemůže nalézt uvedený soubor.
.

Error - 14.4.2016 13:53:51 | Computer Name = Patrik-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddWin32ServiceFiles: Unable to back up image of service HuaweiHiSuiteService64.exe
since QueryServiceConfig API failed System Error: Systém nemůže nalézt uvedený soubor.
.

Error - 14.4.2016 13:54:02 | Computer Name = Patrik-PC | Source = .NET Runtime | ID = 1026
Description =

Error - 14.4.2016 13:54:04 | Computer Name = Patrik-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko:
0x540c90b2 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x000007fe927533a8 ID chybujícího procesu: 0x1564
Čas
spuštění chybující aplikace: 0x01d196769ff602ad Cesta k chybující aplikaci: C:\Users\Patrik\AppData\Local\Temp\DaS_21.exe
Cesta
k chybujícímu modulu: unknown ID zprávy: e04d54d5-0269-11e6-ae30-a45d36c8c826

[ HP Software Framework Events ]
Error - 22.11.2015 17:37:19 | Computer Name = Patrik-PC | Source = hpqWmiEx | ID = 5
Description = 2015/11/22 22:37:19.085|00000B90|Error |ChpqWmiExModule::Run|Run
error.

[ Media Center Events ]
Error - 16.12.2014 5:55:40 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 10:55:31 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 16.12.2014 6:58:30 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 11:58:23 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 16.12.2014 13:16:53 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 18:16:46 - Chyba při připojování k Internetu 18:16:46 - Nelze kontaktovat
server..

Error - 30.12.2014 5:15:11 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 10:15:11 - Načtení položky Directory se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 30.12.2014 5:15:17 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 10:15:17 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 30.12.2014 6:15:47 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 11:15:44 - Načtení položky MCESpotlight se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 3.1.2015 12:19:13 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 17:19:06 - Načtení položky Broadband se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 5.1.2015 1:12:20 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 6:12:19 - Načtení položky MCEClientUX se nezdařilo. (Chyba: Ke vzdálenému
serveru se nelze připojit.)

Error - 10.8.2015 6:19:37 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 12:19:36 - Chyba při připojování k Internetu 12:19:36 - Nelze kontaktovat
server..

Error - 10.8.2015 7:19:48 | Computer Name = Patrik-PC | Source = MCUpdate | ID = 0
Description = 13:19:48 - Chyba při připojování k Internetu 13:19:48 - Nelze kontaktovat
server..

[ System Events ]
Error - 15.4.2016 13:05:32 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 15.4.2016 13:05:32 | Computer Name = Patrik-PC | Source = Application Popup | ID = 1060
Description = Načtení \??\C:\ComboFix\catchme.sys bylo zablokováno kvůli nekompatibilitě
s tímto systémem. Požádejte dodavatele softwaru o kompatibilní verzi ovladače.

Error - 15.4.2016 13:06:07 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 15.4.2016 13:06:17 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7030
Description = Služba PEVSystemStart je označena jako interaktivní služba. Avšak
systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba
nebude fungovat správně.

Error - 15.4.2016 13:07:34 | Computer Name = Patrik-PC | Source = DCOM | ID = 10010
Description =

Error - 15.4.2016 13:11:19 | Computer Name = Patrik-PC | Source = Service Control Manager | ID = 7000
Description = Služba HP Support Solutions Framework Service neuspěla při spuštění
v důsledku následující chyby: %%31

Error - 15.4.2016 14:35:09 | Computer Name = Patrik-PC | Source = DCOM | ID = 10010
Description =

Error - 16.4.2016 5:58:35 | Computer Name = Patrik-PC | Source = DCOM | ID = 10010
Description =

Error - 16.4.2016 7:38:49 | Computer Name = Patrik-PC | Source = DCOM | ID = 10010
Description =

Error - 16.4.2016 14:22:45 | Computer Name = Patrik-PC | Source = DCOM | ID = 10010
Description =


< End of report >
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43298
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod jaro3 » 18 dub 2016 09:05

Poklepej na ikonu OTL na ploše.Ujisti se , že máš všechny ostatní aplikace a prohlížeče zavřeny.
Pod Vlastní skenování/opravy do okénka vlož následující text, zobrazený zeleně:

Kód: Vybrat vše

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{540CA0BA-0226-418F-81AD-CCCA7D17FC56}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Patrik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
[2014.10.06 08:41:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Extensions
[2016.02.24 19:20:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions
[2016.02.24 19:20:18 | 001,013,992 | ---- | M] () (No name found) -- C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016.04.13 10:58:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8:64bit: - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
""=""%1" %*"

:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]
[EMPTYJAVA]
[start explorer]
[Reboot]

Poté klikni nahoře na Opravit. Nech program nerušeně běžet, na konci se provede restart PC.
Po restartu se objeví log , prosím zkopíruj sem celý jeho obsah.

Drive C: | 68,26 Gb Total Space | 7,88 Gb Free Space | 11,54% Space Free | Partition Type: NTFS
nedostatek volného místa na syst. disku. Měl bys mít nejméně 15-20% volného místa pro správný chod windows. Něco odinstaluj , smaž.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 19 dub 2016 17:19

OTL log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{540CA0BA-0226-418F-81AD-CCCA7D17FC56}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{540CA0BA-0226-418F-81AD-CCCA7D17FC56}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0.2 removed from extensions.enabledAddons
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0\ deleted successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions folder moved successfully.
File C:\Users\Patrik\AppData\Roaming\Mozilla\Firefox\Profiles\u6zuo40y.default-1431584290621\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SysTrayApp deleted successfully.
C:\Program Files\IDT\WDM\sttray64.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Od&eslat do aplikace OneNote\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
File\Folder C:\Windows\SysNative\drivers\*.tmp not found.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command\\""|""%1" %*" /E : value set successfully!
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Patrik
->Temp folder emptied: 12588090 bytes
->Temporary Internet Files folder emptied: 3971082 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 182471061 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 308715 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 190,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Patrik
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Patrik
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04192016_164500

Files\Folders moved on Reboot...
C:\Users\Patrik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Patrik\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvastLock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 19 dub 2016 17:36

Co se týče volného místa na disku, tak jsem to uvolnil na 9GB, ale víc to nejde nebo nevím co smazat. Na C jsou už jen nainstalované potřebné věci pro chod os (v Program files). Na ploše taky nic nemám, tak nevím co mi může zabírat tolik místa na tom Cčku :?
Nahoru
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Orcus » 19 dub 2016 19:12

Zde jsou nástroje, které Ti pomohou určit, co zabírá hodně místa.

http://lifehacker.com/5915921/the-best- ... or-windows
Láska hřeje, ale uhlí je uhlí. :fire:


Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.
Nahoru
Patrikz
Level 1
Level 1
Příspěvky: 65
Registrován: duben 16
Pohlaví: Muž
Stav:
Offline

Re: Kontrola logu, velké využití RAM

Příspěvekod Patrikz » 20 dub 2016 17:45

Tady je screen z aplikace.
místo na disku.jpg


Většinu místa mi dle mého názoru zabírají věci které potřebuji na chod OS tudíž nevím co smazat. Další věcí je aplikace Autodesk Inventor ale při přemístění této složky na disk D se mi poté Inventor nespustí tudíž už nevím co více smazat.

Děkuji za odpověď
Nahoru
Odpovědět

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 55 hostů