Slow PC - please check my log [Solved]


Post by Korzarek » 12 Dec 2017 11:30

I also ran an error check; result: no errors.
Then I ran a defragmentation; 2% was defragmented, and after defragmentation it is 1%.

Post by jaro3 » 12 Dec 2017 17:42

000000000968 Čas na roztočení ploten
000000000BB3 Ohlášeno neopravitelných chyb
000000000175 Počet udalostí zaznamenaných otřesovým senzorem

The disk doesn't look OK. Run CDI again tomorrow.

+ (you can do this today)
Download HD Tune
http://www.svethardware.cz/forum/downlo ... ile&id=202

- Install it, run the program, and click the Error Scan tab.
Click Start and wait until it finishes its work. If all the squares are green, the disk is OK; if some are red, the disk is failing.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by Korzarek » 13 Dec 2017 14:06

CDI again:
CrystalDiskInfo 7.5.0 (C) 2008-2017 hiyohiyo
Crystal Dew World : https://crystalmark.info/
OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2017/12/13 14:02:00
-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- ST750LM022 HN-M750MBB
- Řadič prostorů úložišť [SCSI]
-- Disk List ---------------------------------------------------------------
(1) ST750LM022 HN-M750MBB : 750,1 GB [0/0/0, pd1] - st
(1) ST750LM022 HN-M750MBB
Model : ST750LM022 HN-M750MBB
Firmware : 2BA30001
Serial Number : S31PJ9GF407870
Disk Size : 750,1 GB (8,4/137,4/750,1/750,1)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1465149168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 1904 hod.
Power On Count : 2627 krát
Temperature : 42 C (107 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : ----
Drive Letter : C: D: X:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000BB3 Počet chyb čtení
02 252 252 __0 000000000000 Průchodnost disku
03 _93 _91 _25 00000000096F Čas na roztočení ploten
04 _98 _98 __0 000000000A41 Počet spuštění/zastavení
05 252 252 _10 000000000000 Počet přemapovaných sektorů
07 252 252 _51 000000000000 Počet chybných hledání
08 252 252 _15 000000000000 Čas potřebný na vyhledání
09 100 100 __0 000000000770 Hodin v činnosti
0A 252 252 _51 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 0000000000EB Počet pokusů o překalibrování
0C _98 _98 __0 000000000A43 Počet cyklů zapnutí zařízení
B5 100 100 __0 00000010F0C6 Specifický pro výrobce
B7 252 252 _10 000000000000 Specifický pro výrobce
B8 252 252 _48 000000000000 Ukončovacích chyb
BA 252 252 __0 000000000000 Specifický pro výrobce
BB 100 100 __0 000000000BB3 Ohlášeno neopravitelných chyb
BC 252 252 __0 000000000000 Časový limit příkazu
BE _58 _53 _40 002F000D002A Teplota toku vzduchu
BF 100 100 __0 000000000175 Počet udalostí zaznamenaných otřesovým senzorem
C0 252 252 __0 000000000000 Počet vypnutí disku
C1 _98 _98 __0 0000000061D8 Počet cyklů načítání/vymazání
C2 _58 _53 __0 002F000D002A Teplota
C3 100 100 __0 000000000000 Počet oprav chybného čtení
C4 252 252 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 252 100 __0 000000000000 Počet podezřelých sektorů
C6 252 252 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 100 100 __0 0000000012D3 Počet chyb při zápisu sektorů

HD Tune finished without errors; all the squares are green, none are red.

HD Tune: ST750LM022 HN-M7 Error Scan
Scanned data : 715118 MB
Damaged Blocks : 0.0 %
Elapsed Time : 194:38

HD Tune: ST750LM022 HN-M7 Health
ID Current Worst Threshold Data Status
(01) Raw Read Error Rate 100 100 51 2995 Ok
(02) Throughput Performance 252 252 0 0 Ok
(03) Spin Up Time 93 91 25 2415 Ok
(04) Start/Stop Count 98 98 0 2625 Ok
(05) Reallocated Sector Count 252 252 10 0 Ok
(07) Seek Error Rate 252 252 51 0 Ok
(08) Seek Time Performance 252 252 15 0 Ok
(09) Power On Hours Count 100 100 0 1904 Ok
(0A) Spin Retry Count 252 252 51 0 Ok
(0B) Calibration Retry Count 100 100 0 235 Ok
(0C) Power Cycle Count 98 98 0 2627 Ok
(B5) (unknown attribute) 100 100 0 1110203 Ok
(B7) (unknown attribute) 252 252 10 0 Ok
(B8) (unknown attribute) 252 252 48 0 Ok
(BA) (unknown attribute) 252 252 0 0 Ok
(BB) (unknown attribute) 100 100 0 2995 Ok
(BC) (unknown attribute) 252 252 0 0 Ok
(BE) Airflow Temperature 57 53 40 852011 Ok
(BF) G-sense Error Rate 100 100 0 373 Ok
(C0) Power Off Retract Count 252 252 0 0 Ok
(C1) Load Cycle Count 98 98 0 25048 Ok
(C2) Temperature 57 53 0 852011 Ok
(C3) Hardware ECC Recovered 100 100 0 0 Ok
(C4) Reallocated Event Count 252 252 0 0 Ok
(C5) Current Pending Sector 252 100 0 0 Ok
(C6) Offline Uncorrectable 252 252 0 0 Ok
(C7) Ultra DMA CRC Error Count 200 200 0 0 Ok
(C8) Write Error Rate 100 100 0 4819 Ok

Power On Time : 1904
Health Status : Ok

Post by jaro3 » 13 Dec 2017 17:35

000000000968 Čas na roztočení ploten
00000000096F Čas na roztočení ploten
The time needed to spin up the platters. It gets worse over time, but fairly slowly. A sudden change indicates damage to the motor that spins the platters.

000000000BB3 Ohlášeno neopravitelných chyb
000000000BB3 Ohlášeno neopravitelných chyb

000000000175 Počet udalostí zaznamenaných otřesovým senzorem
000000000175 Počet udalostí zaznamenaných otřesovým senzorem

Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick the "LOP" malware check and the "Purity" malware check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:

They are saved in the same location as OTL. Please copy both logs here.
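An added example (not part of the original posts and not code from CrystalDiskInfo): the post above compares raw values from two CrystalDiskInfo runs by hand, and this sketch does the same comparison over the S.M.A.R.T. table so that a changed raw value, such as spin-up time, stands out. The sample rows are constructed from the raw values quoted in the thread; the Cur/Wor/Thr columns of the first run and the English attribute names are assumptions.

```python
import re

# One row of the CrystalDiskInfo "-- S.M.A.R.T. --" table, for example:
#   03 _93 _91 _25 00000000096F <attribute name>
# Columns: ID (hex), Cur, Wor, Thr (decimal, left-padded with "_"),
# then a 6-byte raw value in hex and the attribute name.
ROW = re.compile(
    r"^(?P<id>[0-9A-F]{2})\s+(?P<cur>[_\d]{3})\s+(?P<wor>[_\d]{3})\s+"
    r"(?P<thr>[_\d]{3})\s+(?P<raw>[0-9A-F]{12})\s+(?P<name>.+)$"
)


def _num(field):
    """Convert a padded column such as '_51' or '__0' to an int."""
    return int(field.replace("_", "") or "0")


def parse_smart(text):
    """Return {attribute id: {cur, wor, thr, raw, name}} for each table row."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m is None:
            continue  # header, blank line, or another section of the report
        table[m["id"]] = {
            "cur": _num(m["cur"]),
            "wor": _num(m["wor"]),
            "thr": _num(m["thr"]),
            "raw": int(m["raw"], 16),
            "name": m["name"].strip(),
        }
    return table


def diff_snapshots(old, new):
    """List (id, name, old_raw, new_raw, delta) for raw values that changed.

    Raw values are vendor-defined, and some (temperature, for instance) pack
    several fields into one number, so a delta is a prompt to look closer,
    not a verdict on the drive.
    """
    changes = []
    for attr_id in sorted(old.keys() & new.keys()):
        before, after = old[attr_id]["raw"], new[attr_id]["raw"]
        if before != after:
            changes.append(
                (attr_id, new[attr_id]["name"], before, after, after - before)
            )
    return changes


def at_or_below_threshold(table):
    """IDs whose normalized current value has reached a non-zero threshold."""
    return sorted(
        attr_id
        for attr_id, row in table.items()
        if row["thr"] > 0 and row["cur"] <= row["thr"]
    )


# Constructed sample input: raw values as quoted in the thread for the two runs.
FIRST_RUN = """\
ID Cur Wor Thr RawValues(6) Attribute Name
03 _93 _91 _25 000000000968 Spin Up Time
BB 100 100 __0 000000000BB3 Reported Uncorrectable Errors
BF 100 100 __0 000000000175 G-sense Error Rate
"""
SECOND_RUN = """\
ID Cur Wor Thr RawValues(6) Attribute Name
03 _93 _91 _25 00000000096F Spin Up Time
BB 100 100 __0 000000000BB3 Reported Uncorrectable Errors
BF 100 100 __0 000000000175 G-sense Error Rate
"""

if __name__ == "__main__":
    first, second = parse_smart(FIRST_RUN), parse_smart(SECOND_RUN)
    for attr_id, name, before, after, delta in diff_snapshots(first, second):
        print(f"{attr_id} {name}: {before} -> {after} ({delta:+d})")
    print("at or below threshold:", at_or_below_threshold(second))
```
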

Post by Korzarek » 14 Dec 2017 18:29


I don't quite understand the values for the time needed to spin up the platters.
000000000968 Čas na roztočení ploten
00000000096F Čas na roztočení ploten
What units is that in? Should I check it from time to time to see whether it is getting worse?

I ran OTL and here is the result:

OTL logfile created on: 14. 12. 2017 17:29:17 - Run 1
OTL by OldTimer - Version Folder = C:\Users\eva\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18838)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,26% Memory free
10,34 Gb Paging File | 7,96 Gb Available in Paging File | 77,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 89,50 Gb Free Space | 61,10% Space Free | Partition Type: NTFS
Drive D: | 536,06 Gb Total Space | 85,92 Gb Free Space | 16,03% Space Free | Partition Type: NTFS
Drive X: | 15,21 Gb Total Space | 1,50 Gb Free Space | 9,85% Space Free | Partition Type: NTFS

Computer Name: PC-EVA | User Name: eva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\eva\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (CyberLink)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\AVAST Software\Avast\tasks_core.dll ()
MOD - C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\module_lifetime.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (AVAST Software)
SRV:64bit: - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV:64bit: - (w3logsvc) -- C:\Windows\SysNative\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ZAMSvc) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)
SRV - (CyberLink PowerDVD 12 Media Server Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe (CyberLink)
SRV - (CyberLink PowerDVD 12 Media Server Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (CyberLink)
SRV - (HPWMISVC) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.)
SRV - (w3logsvc) -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMWebProtection) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes)
DRV:64bit: - (MBAMFarflt) -- C:\Windows\SysNative\drivers\farflt.sys (Malwarebytes)
DRV:64bit: - (MBAMProtection) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys (Malwarebytes)
DRV:64bit: - (ZAM) -- C:\Windows\SysNative\drivers\zam64.sys (Zemana Ltd.)
DRV:64bit: - (ZAM_Guard) -- C:\Windows\SysNative\drivers\zamguard64.sys (Zemana Ltd.)
DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\drivers\MbamChameleon.sys (Malwarebytes)
DRV:64bit: - (aswHdsKe) -- C:\Windows\SysNative\drivers\aswHdsKe.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys (AVAST Software)
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys (AVAST Software)
DRV:64bit: - (aswArPot) -- C:\Windows\SysNative\drivers\aswArPot.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswblog) -- C:\Windows\SysNative\drivers\aswbloga.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbuniv) -- C:\Windows\SysNative\drivers\aswbuniva.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsdriver) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys (AVAST Software s.r.o.)
DRV:64bit: - (aswbidsh) -- C:\Windows\SysNative\drivers\aswbidsha.sys (AVAST Software s.r.o.)
DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\drivers\mbae64.sys ()
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (MBI) -- C:\Windows\SysNative\drivers\MBI.sys (Intel Corporation)
DRV:64bit: - (TXEIx64) -- C:\Windows\SysNative\drivers\TXEIx64.sys (Intel Corporation)
DRV:64bit: - (RSP2STOR) -- C:\Windows\SysNative\drivers\RtsP2Stor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (rtbth) -- C:\Windows\SysNative\drivers\rtbth.sys (Ralink Technology, Corp.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV:64bit: - (GPIO) -- C:\Windows\SysNative\drivers\iaiogpioe.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (WirelessButtonDriver) -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (CLVirtualDrive) -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys (CyberLink)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()

========== Standard Registry (All) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = D:\Stažené soubory
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://volny.cz/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 5B 79 30 95 17 70 D3 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {036C376D-363F-4535-AC8F-03ABBEFDB22C}
IE - HKCU\..\SearchScopes\{036C376D-363F-4535-AC8F-03ABBEFDB22C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.search.widget.inNavBar: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\PLUGINS
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 57.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2016/09/05 17:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Extensions
[2017/11/23 18:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\SystemExtensionsDev
[2017/11/28 19:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data
[2017/12/14 17:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017/10/05 23:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\screenshots@mozilla.org
[2017/12/13 10:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions
[2017/12/13 10:44:42 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017/12/11 10:13:38 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\features\{e1a081e9-f85d-4db9-886b-faafd47366b9}\disable-media-wmf-nv12@mozilla.org.xpi
[2017/12/08 12:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2017/12/08 10:25:30 | 000,000,753 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: localhost
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2:64bit: - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll (Eyeo GmbH)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O2 - BHO: (Adblock Plus for IE Browser Helper Object) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Eyeo GmbH)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4:64bit: - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS Partition Master 10.1\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [EaseUS EPM Tray Agent] C:\Program Files (x86)\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe ()
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKCU..\Run: [Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O8:64bit: - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06BE0B01-6BF9-4BE3-8C7B-EA360CB32382}: DhcpNameServer =
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A9A1E2E3-5A59-40A5-8598-21360D4CABFD}: DhcpNameServer =
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017/12/14 17:26:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\eva\Desktop\OTL.exe
[2017/12/13 10:38:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
[2017/12/13 10:38:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune
[2017/12/12 10:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
[2017/12/12 10:44:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CrystalDiskInfo
[2017/12/11 19:56:38 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017/12/11 10:02:07 | 000,000,000 | ---D | C] -- C:\FRST
[2017/12/11 10:00:33 | 002,390,528 | ---- | C] (Farbar) -- C:\Users\eva\Desktop\FRST64.exe
[2017/12/08 10:43:00 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
[2017/12/08 10:42:59 | 000,203,680 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
[2017/12/08 10:42:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017/12/08 10:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiMalware
[2017/12/08 10:42:19 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\Zemana
[2017/12/08 10:32:46 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017/12/08 10:31:40 | 000,193,464 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2017/12/08 10:31:39 | 000,110,016 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017/12/08 10:31:38 | 000,094,144 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017/12/08 10:31:37 | 000,046,008 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/12/08 10:31:31 | 000,253,880 | ---- | C] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2017/12/08 10:28:25 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017/12/08 10:28:25 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\Temp
[2017/12/08 10:19:36 | 000,000,000 | ---D | C] -- C:\zoek_backup
[2017/12/07 16:56:03 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\Adobe
[2017/12/07 15:40:36 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\CrashDumps
[2017/12/07 15:37:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Avast Software
[2017/12/07 15:34:05 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\TeamViewer
[2017/12/07 11:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2017/12/07 11:39:59 | 026,851,912 | ---- | C] (Adlice Software) -- C:\Users\eva\Desktop\RogueKiller_portable64.exe
[2017/12/06 12:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017/12/06 12:30:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017/12/06 12:29:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2017/12/06 11:19:34 | 008,172,032 | ---- | C] (Malwarebytes) -- C:\Users\eva\Desktop\AdwCleaner.exe
[2017/12/06 11:15:24 | 000,000,000 | -H-D | C] -- C:\$AV_ASW
[2017/12/05 13:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/12/05 13:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017/12/05 13:05:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017/12/05 12:43:19 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/12/05 12:41:47 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\CyberLink
[2017/12/05 12:41:00 | 000,000,000 | ---D | C] -- C:\Users\eva\AppData\Local\CEF
[2017/12/04 13:28:57 | 000,121,272 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys
[2017/11/29 12:06:25 | 003,084,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msftedit.dll
[2017/11/29 12:06:21 | 002,471,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msftedit.dll
[2017/11/29 12:06:16 | 015,431,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2017/11/29 12:06:14 | 013,317,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2017/11/29 12:06:08 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017/11/29 12:06:05 | 002,779,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2017/11/29 12:06:03 | 000,443,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2017/11/29 12:06:03 | 000,027,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2017/11/29 12:06:02 | 003,631,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2017/11/29 12:06:02 | 002,464,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2017/11/29 12:06:00 | 002,749,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2017/11/29 12:05:59 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017/11/29 12:05:58 | 000,995,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ucrtbase.dll
[2017/11/29 12:05:58 | 000,922,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ucrtbase.dll
[2017/11/29 12:05:58 | 000,662,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017/11/29 12:05:57 | 000,685,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017/11/29 12:05:57 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017/11/29 12:05:56 | 000,807,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017/11/29 12:05:56 | 000,339,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msexcl40.dll
[2017/11/29 12:05:55 | 002,058,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017/11/29 12:05:55 | 000,380,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2017/11/29 12:05:54 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017/11/29 12:05:54 | 000,425,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\PCPTpm12.dll
[2017/11/29 12:05:54 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\PCPTpm12.dll
[2017/11/29 12:05:52 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mgmtapi.dll
[2017/11/29 12:05:52 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mgmtapi.dll
[2017/11/29 12:05:50 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017/11/29 12:05:47 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017/11/29 12:05:47 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017/11/28 19:51:46 | 000,183,584 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys
[2017/11/28 19:51:26 | 000,365,168 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[12 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

Posts: 42
Registered: January 09
Gender: Male

Re: slow PC - please check the log

Post by Korzarek » 14 Dec 2017 18:31

--- continued ---

========== Files - Modified Within 30 Days ==========

[2017/12/14 17:44:08 | 000,245,374 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2017/12/14 17:44:08 | 000,201,065 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017/12/14 17:26:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\eva\Desktop\OTL.exe
[2017/12/14 17:20:17 | 133,326,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MRT-KB890830.exe
[2017/12/14 17:10:21 | 000,094,144 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017/12/14 17:03:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017/12/13 10:38:41 | 000,000,945 | ---- | M] () -- C:\Users\eva\Desktop\HD Tune.lnk
[2017/12/12 10:44:29 | 000,001,219 | ---- | M] () -- C:\Users\eva\Desktop\CrystalDiskInfo.lnk
[2017/12/11 20:01:57 | 001,883,104 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017/12/11 20:01:57 | 000,786,952 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017/12/11 20:01:57 | 000,768,392 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017/12/11 20:01:57 | 000,166,490 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017/12/11 20:01:57 | 000,161,212 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017/12/11 19:58:20 | 000,040,960 | ---- | M] () -- C:\Users\eva\Desktop\memtest.exe
[2017/12/11 19:56:15 | 000,110,016 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017/12/11 19:56:13 | 000,046,008 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017/12/11 19:56:09 | 000,253,880 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2017/12/11 19:55:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017/12/11 19:55:05 | 3342,241,792 | -HS- | M] () -- C:\hiberfil.sys
[2017/12/11 10:00:44 | 002,390,528 | ---- | M] (Farbar) -- C:\Users\eva\Desktop\FRST64.exe
[2017/12/08 10:43:00 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zam64.sys
[2017/12/08 10:42:59 | 000,203,680 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\zamguard64.sys
[2017/12/08 10:42:57 | 000,001,167 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017/12/08 10:31:40 | 000,193,464 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MbamChameleon.sys
[2017/12/08 10:30:22 | 000,485,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017/12/08 10:25:30 | 000,000,753 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2017/12/08 10:19:34 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017/12/07 15:33:27 | 000,000,978 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 13.lnk
[2017/12/07 11:43:20 | 000,028,272 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017/12/07 11:40:13 | 026,851,912 | ---- | M] (Adlice Software) -- C:\Users\eva\Desktop\RogueKiller_portable64.exe
[2017/12/06 12:30:07 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017/12/06 11:19:40 | 008,172,032 | ---- | M] (Malwarebytes) -- C:\Users\eva\Desktop\AdwCleaner.exe
[2017/12/05 13:06:11 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/12/03 18:09:23 | 000,121,272 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHdsKe.sys
[2017/11/29 11:43:22 | 000,002,210 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017/11/28 19:53:23 | 000,455,376 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017/11/28 19:50:57 | 000,203,976 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2017/11/28 19:50:56 | 000,455,384 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys.151189520185904
[2017/11/28 19:50:56 | 000,364,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2017/11/28 19:50:55 | 000,365,168 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017/11/28 19:50:55 | 000,148,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017/11/28 19:50:55 | 000,084,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017/11/28 19:50:55 | 000,047,008 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017/11/28 19:50:54 | 000,183,584 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswArPot.sys
[2017/11/28 19:50:53 | 000,110,376 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017/11/28 19:50:04 | 001,026,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017/11/28 19:49:42 | 000,343,288 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017/11/28 19:49:42 | 000,057,728 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017/11/28 19:49:41 | 000,321,032 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017/11/28 19:49:41 | 000,198,968 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017/11/28 19:36:18 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2017/11/28 18:55:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\last.dump
[12 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2017/12/13 10:38:41 | 000,000,945 | ---- | C] () -- C:\Users\eva\Desktop\HD Tune.lnk
[2017/12/12 10:44:29 | 000,001,219 | ---- | C] () -- C:\Users\eva\Desktop\CrystalDiskInfo.lnk
[2017/12/11 20:35:56 | 000,040,960 | ---- | C] () -- C:\Users\eva\Desktop\memtest.exe
[2017/12/08 10:43:05 | 000,244,791 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2017/12/08 10:43:05 | 000,200,452 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017/12/08 10:42:57 | 000,001,167 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017/12/08 10:28:29 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017/12/07 15:33:28 | 000,000,990 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
[2017/12/07 15:33:27 | 000,000,978 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 13.lnk
[2017/12/07 11:43:20 | 000,028,272 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2017/12/06 12:30:07 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017/12/05 13:06:11 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/12/05 13:05:56 | 000,077,432 | ---- | C] () -- C:\Windows\SysNative\drivers\mbae64.sys
[2017/08/09 21:44:43 | 000,518,144 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== ZeroAccess Check ==========

[2014/03/08 23:15:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64


[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64


[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2017/09/09 19:53:33 | 022,361,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

"" = %SystemRoot%\system32\shell32.dll -- [2017/09/09 18:55:46 | 019,790,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both


========== LOP Check ==========

[2014/11/02 19:18:32 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\AVAST Software
[2017/12/13 14:06:46 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\ClassicShell
[2017/11/28 19:20:45 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\GHISLER
[2016/06/28 09:46:19 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\HD Tune Pro
[2014/09/22 14:58:03 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\Synaptics
[2016/06/27 20:16:06 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\TeamViewer
[2016/06/27 20:16:06 | 000,000,000 | ---D | M] -- C:\Users\eva\AppData\Roaming\XnView

========== Purity Check ==========

< End of report >


OTL Extras logfile created on: 14. 12. 2017 17:29:17 - Run 1
OTL by OldTimer - Version Folder = C:\Users\eva\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18838)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy

3,89 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,26% Memory free
10,34 Gb Paging File | 7,96 Gb Available in Paging File | 77,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 146,48 Gb Total Space | 89,50 Gb Free Space | 61,10% Space Free | Partition Type: NTFS
Drive D: | 536,06 Gb Total Space | 85,92 Gb Free Space | 16,03% Space Free | Partition Type: NTFS
Drive X: | 15,21 Gb Total Space | 1,50 Gb Free Space | 9,85% Space Free | Partition Type: NTFS

Computer Name: PC-EVA | User Name: eva | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

"EnableFirewall" = 1
"DisableNotifications" = 0

"EnableFirewall" = 1
"DisableNotifications" = 0

"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

"{17A2D693-6227-450B-8562-ED8D4BFA492A}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{2C1A99C1-B528-4920-A050-1931EFF52BC7}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3F390E4B-8E68-41FD-AAA5-2526DE9B85B7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909\szbrowser.exe |
"{6254657D-4ED9-416C-9520-CE69D0CBFEA1}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\avast software\szbrowser\4.58.2552.909_0\szbrowser.exe |
"{9A947BC4-1DEA-4DB2-96EC-3EA1BC1ED03D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{EDDDE8F4-B041-45EC-B095-1EEA6051F395}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

"{10A8A6B9-6D5C-4F25-80BA-1B3078BF5B26}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{198FF3AD-55C1-453E-AB41-E129D2394B02}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{1F1B8D03-BA62-4305-92DE-023D94A5F22C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{24C3848D-EED7-49A0-ABF8-68E047DAA3C6}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{28E6AB6F-675C-478B-8DFB-02869944B29F}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{2EFA0984-6588-43D6-8EDE-1CEEC18C5ACE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe |
"{32BEDFA0-758B-48FF-B310-5D3C4985CC15}" = dir=out | name=@{microsoft.zunemusic_2.2.339.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{3A4074B0-CF63-4898-A1B8-AB365B0B44D1}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{40322CC5-B32A-40AA-9C29-8D969929AD7B}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4CE156A0-A00B-4234-9BAA-E767B6AF4EB8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{4FEA9458-C070-45CA-AB0F-61ED7F4072A5}" = dir=out | name=box |
"{504DEFB0-F66D-4284-9FCA-921F23B5CCA4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{5056266B-BD92-412D-8048-AF1A7DB739A1}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{5464DFAD-0693-4EC6-A857-E98FA8DF7A03}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer_service.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{567EB90D-55DD-4F01-8F54-C8C17E16F4BD}" = dir=in | name=box |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{615F2290-F817-4C71-8C17-1FBDB92245E3}" = dir=out | name=windows_ie_ac_001 |
"{63FCC966-C620-4975-A73B-1256B735E0DA}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{6455D5D7-F08F-43FE-8500-CBB355FC913B}" = dir=in | name=skype |
"{65D615C8-9B90-48F1-BF6A-80B4CE76B491}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{72C34FB8-553B-4E2A-AE4F-09CAFDF68DDF}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{821C6435-A8A9-4D8A-8BAA-EAB031C451FB}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{83595F42-815F-47E3-89A9-94CE15158425}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{84759BBD-658E-48AA-8D4E-D58DB5979144}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{86B91D82-3C00-4865-BAA4-EDCAB43300A6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{88EFE458-CF8D-484C-A731-47DE7592EB80}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20321_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{8F7FBFE2-B3D8-4D71-8573-E784022D3D5F}" = dir=out | name=youcam for hp |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A1A220EA-2A85-49DC-8551-53F564EDB6B6}" = dir=out | name=skype |
"{A7CED610-6F68-4B4C-A7A0-37A9BA388C0B}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{AB5F6A56-1A1A-4CD8-8B01-EB748F7D9CCC}" = dir=out | name=mcafee® central for hp |
"{ACB83880-47EC-4FCA-9843-98DDB3BABD53}" = dir=out | name=hp registration |
"{ACB928E6-DB37-4580-8BC7-BDAA8E97CA97}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{AF8B8633-B830-4E24-BEBF-79AC53859907}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B6517261-05BF-48A7-8DFC-525FCD601EFB}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{B90B1629-EC9E-4828-AB5C-51FC796419BD}" = dir=in | name=mcafee® central for hp |
"{CF922705-DAEF-4510-9EC5-E5114F4B77E0}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{D2C38B4E-8648-4EB7-B72F-C1CDF525F795}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{D6739FB1-FA7E-4EEE-B942-C8559D54EC29}" = dir=out | name=getting started with windows 8 |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D98AA2AE-75AC-4175-826B-A2D38969DCC0}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DC34E2FF-1ACA-407A-ACDB-7AC8E1520060}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{E4A211F6-CE2B-4948-90E8-95CA3B4817BC}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\teamviewer.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F11052B7-4978-4BEC-A2D0-582416CBC40C}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F43EF3E4-057B-47C2-BC9E-2B0A93E5E71A}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"TCP Query User{6A850791-DA6B-48A0-B5CC-90C01DE94234}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{16BCAEDC-C115-1729-07C4-7A0091C699A6}" = Mediatek Bluetooth
"{176E2755-0A17-42C6-88E2-192AB2131278}" = Intel(R) Trusted Execution Engine
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2D6248C0-4693-4CAB-9922-F05E4015F62A}" = Intel(R) Trusted Execution Engine
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes verze
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{36381D51-CC5E-4698-A0CC-E939C75EC9D8}" = Adblock Plus for IE (32-bit and 64-bit)
"{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}" = Energy Star
"{6307E820-0317-4DCE-AAE0-7B6CAD867055}" = Intel(R) Trusted Execution Engine Driver
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}" = DisableMSDefender
"{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}" = Classic Shell
"{891A1782-8B20-4403-8383-458962525926}" = HP Utility Center
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"CCleaner" = CCleaner
"Mozilla Firefox 57.0.2 (x64 cs)" = Mozilla Firefox 57.0.2 (x64 cs)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08466673-3905-4437-93E8-34A221B7CA4E}" = Fotogaléria
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{10640F6D-6AB0-401E-9FC6-A94D19C580BC}" = Windows Live UX Platform Language Pack
"{140754E1-C019-44A9-A81B-2D7625AABE8A}" = Photo Common
"{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}" = Photo Common
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}" = Photo Gallery
"{23AAEBF8-12B1-43EA-B75D-CDC613CA6CB4}" = Photo Common
"{28950295-A98C-4081-AC82-045E9879945E}" = Windows Live UX Platform Language Pack
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{379A0618-EF50-423C-9637-EEB2D25A4BB4}" = Movie Maker
"{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}" = Skype™ 7.40
"{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}" = Movie Maker
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{69BCE4AC-9572-3271-A2FB-9423BDA36A43}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6C88A66C-ECDA-4825-A582-8225626630CC}}_is1" = M3 Data Recovery Free version 5.2
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8C696B4B-6AB1-44BC-9416-96EAC474CABE}" = HP Support Assistant
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1" = Zemana AntiMalware
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2007
"{90120000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2007
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}" = Windows Live Essentials
"{9976E0BD-56A6-4A32-8597-B80FCE62063A}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-0804-1033-1959-001824245926}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AC0F074E4100}" = Adobe Acrobat Reader DC - Czech
"{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}" = Fotogalerie
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{BBF2AC74-720C-3CB3-8291-5E34039232FA}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}" = HP System Event Utility
"{CFBFE244-6269-41DC-85B6-86F99C88ED02}" = Movie Maker
"{D310DD60-9EF2-4C9C-AD66-A58185A1C7CB}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e2803110-78b3-4664-a479-3611a381656a}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{ECF2E224-42F5-4E50-B58E-94CA70E85697}" = Google Earth Pro
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}" = HP Documentation
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FA29B84F-8306-4A62-A340-F2C41305E7AF}" = Windows Live Essentials
"{FD49537C-C3A6-4F8D-93E6-68C778A1E192}" = HP Recovery Manager
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player NPAPI" = Adobe Flash Player 28 NPAPI
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avast Antivirus" = Avast Free Antivirus
"C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9" = Intel(R) Sideband Fabric Device Driver
"CrystalDiskInfo_is1" = CrystalDiskInfo 7.5.0
"EaseUS Partition Master_is1" = EaseUS Partition Master 10.1
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"MozillaMaintenanceService" = Mozilla Maintenance Service
"SafeZone 4.58.2552.909" = SafeZone Stable 4.58.2552.909
"TeamViewer" = TeamViewer 13
"VLC media player" = VLC media player
"WinLiveSuite" = Windows Live Essentials
"XnView_is1" = XnView 2.35

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5. 12. 2017 7:06:02 | Computer Name = pc-eva | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 5. 12. 2017 7:06:03 | Computer Name = pc-eva | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Aplikaci windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel
se nepovedlo aktivovat, protože došlo k chybě: -2144927148. Další informace najdete
v protokolu Microsoft-Windows-TWinUI/Operational.

Error - 6. 12. 2017 13:30:28 | Computer Name = pc-eva | Source = Winlogon | ID = 4005
Description = Proces přihlášení do systému Windows byl neočekávaně ukončen.

Error - 6. 12. 2017 13:30:28 | Computer Name = pc-eva | Source = Winlogon | ID = 4005
Description = Proces přihlášení do systému Windows byl neočekávaně ukončen.

Error - 6. 12. 2017 13:30:28 | Computer Name = pc-eva | Source = Winlogon | ID = 4005
Description = Proces přihlášení do systému Windows byl neočekávaně ukončen.

Error - 7. 12. 2017 9:04:44 | Computer Name = pc-eva | Source = Microsoft Security Client | ID = 5000
Description =

Error - 7. 12. 2017 9:04:44 | Computer Name = pc-eva | Source = Microsoft Security Client | ID = 5000
Description =

Error - 7. 12. 2017 10:40:30 | Computer Name = pc-eva | Source = Application Error | ID = 1000
Description = Název chybující aplikace: iexplore.exe, verze: 11.0.9600.18817, časové
razítko: 0x59b1994e Název chybujícího modulu: IEFRAME.dll, verze: 11.0.9600.18838,
časové razítko: 0x59e1bc88 Kód výjimky: 0xc0000005 Posun chyby: 0x00000000002678af
chybujícího procesu: 0x1704 Čas spuštění chybující aplikace: 0x01d36f693a244241 Cesta
k chybující aplikaci: C:\Program Files\Internet Explorer\iexplore.exe Cesta k chybujícímu
modulu: C:\Windows\SYSTEM32\IEFRAME.dll ID zprávy: 91fbaa09-db5c-11e7-82d2-90489a0be2f4
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

Error - 8. 12. 2017 12:18:21 | Computer Name = pc-eva | Source = Application Hang | ID = 1002
Description = Program vlc.exe verze přestal spolupracovat se systémem Windows
a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému,
vyhledejte historii problému v ovládacím panelu Centrum akcí. ID procesu: 5c4 Čas
spuštění: 01d370400f0c0be8 Čas ukončení: 30 Cesta k aplikaci: C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

hlášení: 64c66fdb-dc33-11e7-82d3-90489a0be2f4 Úplný název chybujícího balíčku: ID
aplikace související s chybujícím balíčkem:

Error - 11. 12. 2017 19:07:19 | Computer Name = pc-eva | Source = Application Error | ID = 1000
Description = Název chybující aplikace: vlc.exe, verze:, časové razítko:
0x00000004 Název chybujícího modulu: mbae.dll, verze:, časové razítko:
0x59d22dfe Kód výjimky: 0xc0000005 Posun chyby: 0x00028836 ID chybujícího procesu:
0x1774 Čas spuštění chybující aplikace: 0x01d372d4a5ce857a Cesta k chybující aplikaci:
C:\Program Files (x86)\VideoLAN\VLC\vlc.exe Cesta k chybujícímu modulu: C:\Program
Files\Malwarebytes\Anti-Malware\mbae.dll ID zprávy: 08fb51b2-dec8-11e7-82d5-90489a0be2f4
název chybujícího balíčku: ID aplikace související s chybujícím balíčkem:

[ System Events ]
Error - 14. 5. 2017 14:21:18 | Computer Name = pc-eva | Source = DCOM | ID = 10010
Description =

Error - 14. 5. 2017 14:21:48 | Computer Name = pc-eva | Source = DCOM | ID = 10010
Description =

Error - 14. 5. 2017 14:36:58 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 10krát.

Error - 14. 5. 2017 15:51:11 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 11krát.

Error - 15. 5. 2017 2:50:42 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 12krát.

Error - 15. 5. 2017 6:20:33 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 13krát.

Error - 15. 5. 2017 18:04:47 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 14krát.

Error - 16. 5. 2017 3:06:34 | Computer Name = pc-eva | Source = DCOM | ID = 10010
Description =

Error - 16. 5. 2017 3:07:04 | Computer Name = pc-eva | Source = DCOM | ID = 10010
Description =

Error - 16. 5. 2017 3:13:18 | Computer Name = pc-eva | Source = Service Control Manager | ID = 7034
Description = Služba CyberLink PowerDVD 12 Media Server Service byla neočekávaně
ukončena. Tento stav nastal již 15krát.

< End of report >

Post by jaro3 » 14 Dec 2017 20:16

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CMNTDFJS
IE - HKCU\..\SearchScopes,DefaultScope = {036C376D-363F-4535-AC8F-03ABBEFDB22C}
IE - HKCU\..\SearchScopes\{036C376D-363F-4535-AC8F-03ABBEFDB22C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll File not found
[2016/09/05 17:33:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Extensions
[2017/11/23 18:13:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\SystemExtensionsDev
[2017/11/28 19:20:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data
[2017/12/14 17:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017/10/05 23:06:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\screenshots@mozilla.org
[2017/12/13 10:44:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions
[2017/12/13 10:44:42 | 001,044,671 | ---- | M] () (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017/12/11 10:13:38 | 000,005,507 | ---- | M] () (No name found) -- C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\features\{e1a081e9-f85d-4db9-886b-faafd47366b9}\disable-media-wmf-nv12@mozilla.org.xpi
[2017/12/08 12:21:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
[2014/03/08 23:15:28 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2017/09/09 19:53:33 | 022,361,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
"" = %SystemRoot%\system32\shell32.dll -- [2017/09/09 18:55:46 | 019,790,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/10/29 02:19:43 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/10/29 01:59:23 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/10/29 02:16:01 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

c:\windows\Tasks\*.job /s
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Program Files (x86)\*.tmp
C:\Program Files (x86)\*.tmp

[start explorer]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

Post by Korzarek » 15 Dec 2017 16:55

Here it is:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{036C376D-363F-4535-AC8F-03ABBEFDB22C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{036C376D-363F-4535-AC8F-03ABBEFDB22C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
C:\Users\eva\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Users\eva\AppData\Roaming\Mozilla\SystemExtensionsDev folder moved successfully.
C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} folder moved successfully.
C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\screenshots@mozilla.org folder moved successfully.
C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data folder moved successfully.
Folder C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\ not found.
Folder C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\browser-extension-data\screenshots@mozilla.org\ not found.
C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions folder moved successfully.
File C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Users\eva\AppData\Roaming\Mozilla\Firefox\Profiles\i63ez4q9.default\features\{e1a081e9-f85d-4db9-886b-faafd47366b9}\disable-media-wmf-nv12@mozilla.org.xpi moved successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions folder moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
C:\Windows\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 not found.
File EY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
File EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64\ not found.
Folder EY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
File\Folder c:\windows\Tasks\*.job not found.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Program Files\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\Windows\SysNative\drivers\asw11bd5772ea870900.tmp moved successfully.
C:\Windows\SysNative\drivers\asw15db5a5a0298439a.tmp moved successfully.
C:\Windows\SysNative\drivers\asw19b3e9116844d25c.tmp moved successfully.
C:\Windows\SysNative\drivers\asw26ac4c4b2c759886.tmp moved successfully.
C:\Windows\SysNative\drivers\asw2965776ce347df40.tmp moved successfully.
C:\Windows\SysNative\drivers\asw29b683dd2e606315.tmp moved successfully.
C:\Windows\SysNative\drivers\asw2b8215ba95e57ff6.tmp moved successfully.
C:\Windows\SysNative\drivers\asw2ef1181a869f4fa0.tmp moved successfully.
C:\Windows\SysNative\drivers\asw5cab6a39f7a6b73a.tmp moved successfully.
C:\Windows\SysNative\drivers\asw9ee97d80a85a4100.tmp moved successfully.
C:\Windows\SysNative\drivers\aswbeee36445b809f79.tmp moved successfully.
C:\Windows\SysNative\drivers\aswfb105b693cafd95a.tmp moved successfully.
File\Folder C:\Windows\SysWow64\drivers\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
File\Folder C:\Windows\SysWow64\*.tmp not found.
File\Folder C:\Windows\SysNative\*.tmp not found.
File\Folder C:\Program Files (x86)\*.tmp not found.
========== REGISTRY ==========
========== COMMANDS ==========


User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: eva
->Temp folder emptied: 16138437 bytes
->Temporary Internet Files folder emptied: 188538349 bytes
->FireFox cache emptied: 32688422 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 1194 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 683372 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 227 bytes

Total Files Cleaned = 227,00 mb

OTL by OldTimer - Version log created on 12152017_160536

Files\Folders moved on Reboot...
C:\Users\eva\AppData\Local\Microsoft\Windows\INetCache\counters.dat moved successfully.
File move failed. C:\Windows\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt moved successfully.
C:\Windows\temp\avast_ash2\Mozilla Firefox (64 Bit)\download.ini moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
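
A way to triage a fix log like the one posted above before calling the cleanup done, as an added example that is not part of the thread or of OTL: it sorts result lines into changed, not found and pending reboot, and flags lines such as `File EY_CURRENT_USER\...` where a registry-key line from the script came back as a missing file or folder. The category names and the `classify`/`triage` helpers are hypothetical; the sample lines are copied from the log in the thread.

```python
import re
from collections import Counter

# Excerpt of the fix log posted in the thread above (lines copied verbatim).
SAMPLE_LOG = r"""
========== OTL ==========
No active process named explorer.exe was found!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
C:\Users\eva\AppData\Roaming\Mozilla\Extensions folder moved successfully.
C:\Windows\assembly\Desktop.ini moved successfully.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64\ not found.
========== FILES ==========
File\Folder C:\Program Files\*.tmp not found.
C:\Windows\SysNative\drivers\asw11bd5772ea870900.tmp moved successfully.
File move failed. C:\Windows\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
"""

# Ordered rules: the first pattern that matches a line decides its category.
RULES = [
    # Registry key text reported as a file or folder that was not found:
    # the leading "[HK" is missing and nothing was changed for this entry.
    ("registry_line_treated_as_path",
     re.compile(r"^(?:File|Folder) EY_[A-Z_]+\\.*not found\.$")),
    # The item was locked and is only queued for the next restart.
    ("pending_reboot", re.compile(r"scheduled to be moved on reboot\.$")),
    # The tool reports that it deleted, moved or set something.
    ("changed",
     re.compile(r"(?:deleted|moved) successfully\.$|value set successfully!$")),
    # The target did not exist (or the process was not running).
    ("not_found",
     re.compile(r"not found\.$|^No active process named .+ was found!$")),
]

# Categories worth a second look before the fix is considered complete.
REVIEW = {"registry_line_treated_as_path", "pending_reboot"}


def classify(line):
    """Return the category of one fix-log result line."""
    for name, pattern in RULES:
        if pattern.search(line):
            return name
    return "other"


def triage(log_text):
    """Count result lines per category and collect the ones to review."""
    counts = Counter()
    review = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("====="):
            continue  # skip blank lines and section banners
        category = classify(line)
        counts[category] += 1
        if category in REVIEW:
            review.append((category, line))
    return counts, review


if __name__ == "__main__":
    counts, review = triage(SAMPLE_LOG)
    for name, n in counts.most_common():
        print(f"{n:3d}  {name}")
    for category, line in review:
        print(f"REVIEW [{category}] {line}")
```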

Post by jaro3 » 15 Dec 2017 18:50

I somehow don't understand the values for the time needed to spin up the platters.
000000000968 Čas na roztočení ploten
00000000096F Čas na roztočení ploten
What units is that in? Should I monitor it from time to time to see whether it gets worse?

The time needed to spin up the platters. It worsens over time, but fairly slowly. A sudden change indicates damage to the motor that spins the platters.

It is in base 16, hexadecimal.

How about the problems? Viruses play no role in this.

Post by Korzarek » 16 Dec 2017 12:11

There has definitely been an improvement, both at PC startup and when loading pages in browsers. It is still a bit sluggish when Mozilla starts, but it is better than before, so it's fine. Task completed with a grade of "1" :-)
One more thing about the platters. I don't know how I should monitor those values in base 16, or whether I should at all. Since I can't count in it, I'll hardly recognize a deterioration.

And one last request: would you be willing to go through one more notebook for me? I don't have any specific problem, but I'd like to check it as a precaution. Should I post the log here plus the rest as per your first posts? Or should I start a separate thread for it?

Post by jaro3 » 17 Dec 2017 09:30

The RAW values are what matters; colleagues in the HW section will advise you on that.

If there are no problems, that is all and you can mark it as solved, the green check mark.

For the second notebook, start another topic.

Post by Korzarek » 18 Dec 2017 18:15

Thanks a lot,

I sent you a message about the second notebook.
