Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Work Computer is Barely Functioning


  • Please log in to reply

#1
moose35

moose35

    Member

  • Member
  • PipPip
  • 27 posts

Hi guys,

 

Great work you people do here and I was hoping I might be another lucky soul to have his PC saved.

 

This is an old Windows 7 laptop that has begun to slowly deteriorate, in regards to its performance. Music open at the same time as Google Chrome makes things almost unworkable. I haven't watched a Youtube video that ran smoothly in ages. Opening up programs like Thunderbird or Photoshop takes forever and these programs often freeze when I am working. 

 

I am not completely sure if this is a virus or some other issue, but I was hoping to have a look at it and get things back. 

 

Below are the 2 FRST logs you guys request. Many thanks in advance.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Zuzana (administrator) on PETERSULEK (11-03-2016 10:49:16)
Running from C:\Users\Zuzana\Desktop
Loaded Profiles: Zuzana (Available Profiles: Zuzana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
() C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Flux Software LLC) C:\Users\Zuzana\AppData\Local\FluxSoftware\Flux\flux.exe
(Google Inc.) C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
() C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.)
HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE [508312 2009-12-15] (CANON INC.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe [4133072 2012-07-04] (ESET)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-02-01] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23499656 2016-01-15] (Google)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [Google Update] => C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [Facebook Update] => C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-04] (Facebook Inc.)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [f.lux] => C:\Users\Zuzana\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [uTorrent] => C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe [2094080 2016-03-04] (BitTorrent Inc.)
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-01-15] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{16C7275A-ACBD-45B4-AD46-C66E7D54A398}: [NameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{467EC41F-84EA-46CD-88AF-4CB24D1C7311}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CCCCCAE3-FCE4-4901-BD0F-6E47AF7A760C}: [NameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{EB40A22C-5CA4-4CA0-98B5-0F54AE63633E}: [DhcpNameServer] 195.146.132.58 195.146.128.62
 
Internet Explorer:
==================
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071613
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-05-03] (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-07-23] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-07-23] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-07-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-07-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-07-25] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-04-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-07-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-10-01] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Zuzana\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-03-25] (Citrix Online)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @cnw.com/cnwplugin -> C:\Users\Zuzana\AppData\Roaming\AnyMeeting\npcnwplugin.dll [2014-12-10] (AnyMeeting, Inc.)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Zuzana\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Zuzana\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @talk.google.com/O1DPlugin -> C:\Users\Zuzana\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2625221743-1896352500-3224387153-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Zuzana\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Zuzana\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Test Pilot - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected] [2013-11-20] [not signed]
FF Extension: Keep Tube Downloader - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected] [2013-12-03] [not signed]
FF Extension: MP4 Downloader - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected] [2013-12-03] [not signed]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\extensions\[email protected] [2015-03-21] [not signed]
FF Extension: YouTube Video and Audio Downloader - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\Extensions\[email protected] [2015-02-15] [not signed]
FF Extension: Adblock Plus - C:\Users\Zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\h93azb4q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-19] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
FF Extension: ESET Endpoint Security Extension - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird [2013-02-28] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Endpoint Antivirus\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071613
CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071613"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\gcswf32.dll => No File
CHR Plugin: (Google Update) - C:\Users\Zuzana\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Search) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Video downloader pro) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem [2014-11-30]
CHR Extension: (Google Docs Offline) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (AdBlock) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-11]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-02-21]
CHR Extension: (Skype) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Gmail) - C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Zuzana\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-31]
CHR HKLM-x32\...\Chrome\Extension: [aaaaoiagmlcohkmjodefppbmpjdiocmh] - C:\Users\Zuzana\AppData\Local\APN\GoogleCRXs\aaaaoiagmlcohkmjodefppbmpjdiocmh_7.15.9.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
StartMenuInternet: Google Chrome.PCLTLG43JWTKX23DNGQGLRI7PE - C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\EHttpSrv.exe [35720 2012-07-04] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [999704 2012-07-04] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Antivirus\EShaSrv.exe [190208 2012-07-04] (ESET)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-31] (IObit)
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [651856 2013-10-26] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230920 2012-10-01] (Nitro PDF Software)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\STacSV64.exe [244736 2010-02-01] (IDT, Inc.)
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe [381312 2012-06-28] () [File not signed]
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-10-05] (Company) [File not signed]
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248704 2012-09-18] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-02] (Dell Inc.) [File not signed]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-13] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-18] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2012-07-10] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [179920 2012-07-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [152136 2012-03-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [140752 2012-03-29] (ESET)
S3 hwusb_cdcacm; C:\Windows\System32\DRIVERS\ew_cdcacm.sys [124800 2014-06-11] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\Windows\System32\DRIVERS\ew_wwanecm.sys [379392 2014-05-04] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-08-19] (Riverbed Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-11 10:49 - 2016-03-11 10:51 - 00023023 _____ C:\Users\Zuzana\Desktop\FRST.txt
2016-03-11 10:47 - 2016-03-11 10:48 - 02374144 _____ (Farbar) C:\Users\Zuzana\Desktop\FRST64.exe
2016-03-11 07:14 - 2016-03-11 07:14 - 00904888 RSHOT (Auslogics) C:\Windows\SysWOW64\ActionCenterForms.dll
2016-03-05 12:26 - 2016-03-11 07:15 - 00000000 ____D C:\Users\Zuzana\AppData\LocalLow\uTorrent
2016-03-01 18:56 - 2016-03-03 16:03 - 00002635 ____N C:\Users\Zuzana\Desktop\emailtoattendants_warsaw.txt
2016-03-01 09:44 - 2016-03-01 09:44 - 00001417 ____N C:\Users\Zuzana\Desktop\Board Email.txt
2016-02-20 20:50 - 2016-02-21 15:49 - 00000000 ____D C:\Users\Zuzana\Praat
2016-02-18 12:56 - 2016-02-18 12:57 - 00000000 ____D C:\Users\Zuzana\Desktop\2016-02-18
2016-02-16 21:57 - 2016-02-22 11:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-02-16 14:00 - 2016-02-18 13:06 - 00000146 ____N C:\Users\Zuzana\Desktop\todo_Thursday.txt
2016-02-15 00:22 - 2016-02-15 00:22 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Adobe
2016-02-15 00:22 - 2016-02-15 00:22 - 00000000 ____D C:\Users\Zuzana\AppData\Local\Adobe
2016-02-15 00:22 - 2016-02-15 00:22 - 00000000 ____D C:\ProgramData\Adobe
2016-02-14 09:35 - 2016-02-14 09:35 - 00000000 ____D C:\Users\Zuzana\Desktop\The Life Of Pablo
2016-02-13 17:54 - 2016-02-13 17:55 - 05083296 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-13 12:57 - 2016-02-13 12:57 - 00119512 _____ C:\Users\Zuzana\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-12 22:29 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-12 22:29 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-12 22:29 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-12 22:29 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-12 22:29 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-12 22:29 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-12 22:29 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-12 22:29 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-12 22:29 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-12 22:29 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-12 22:29 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-12 22:29 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-12 22:29 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-12 22:29 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-12 22:29 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-12 22:29 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-12 22:29 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-12 22:29 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-12 22:29 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-12 22:29 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-12 22:28 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-12 22:28 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-12 22:28 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-12 22:28 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-12 22:28 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-12 22:28 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-12 22:28 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-12 22:28 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-12 22:28 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-12 22:28 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-12 22:28 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-12 22:28 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-12 22:28 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-12 22:28 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-12 22:28 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-12 22:28 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-12 22:28 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-12 22:28 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-12 22:28 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-12 22:28 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-12 22:28 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-12 22:28 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-12 22:28 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-12 22:28 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-12 22:28 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-12 22:28 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-12 22:28 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-12 22:28 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-12 22:28 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-12 22:28 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-12 22:28 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-12 22:28 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-12 22:27 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-12 22:27 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-12 22:27 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-12 22:27 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-12 22:26 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-12 22:26 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-12 22:26 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-12 22:26 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-12 22:26 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-12 22:26 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-12 22:26 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-12 22:26 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-12 22:26 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-12 22:26 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-12 22:26 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-12 22:26 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-12 22:26 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-12 22:25 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-12 22:24 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-12 22:23 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-12 22:23 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-12 22:20 - 2016-02-12 22:21 - 00024566 ____N C:\Users\Zuzana\Desktop\cc_20160212_222045.reg
2016-02-12 22:20 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-12 22:20 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-12 22:20 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-12 22:20 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-12 22:20 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-12 22:20 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-12 22:20 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-12 22:20 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-12 22:20 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-12 22:20 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-12 22:20 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-12 22:20 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-12 22:20 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-12 22:20 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-12 22:20 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-12 22:20 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-12 22:20 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-12 22:20 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-12 22:20 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-12 22:20 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-12 22:20 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-12 22:19 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-12 22:19 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-12 22:19 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-12 22:19 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-12 22:19 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-12 22:19 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-12 22:19 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-12 22:19 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-12 22:19 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-12 22:19 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-12 22:19 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-12 22:19 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-12 22:19 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-12 22:19 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-12 22:19 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-12 22:19 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-12 22:19 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-12 22:19 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-12 22:19 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-12 22:19 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-12 22:19 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-12 22:19 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-12 22:19 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-12 22:19 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-12 22:19 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-12 22:19 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-12 22:19 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-12 22:19 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-12 22:19 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-12 22:19 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-12 22:19 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-12 22:19 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-12 22:19 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-12 22:19 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-12 22:19 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-12 20:55 - 2016-02-12 20:55 - 00027183 _____ C:\Users\Zuzana\Downloads\this.is.the.end.(2013).slo.1cd.(5745371).zip
2016-02-12 18:52 - 2016-02-12 18:52 - 00001427 _____ C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-11 11:30 - 2016-02-19 23:54 - 00002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-11 11:30 - 2016-02-19 23:54 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-03-11 10:51 - 2012-07-19 10:33 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA.job
2016-03-11 10:49 - 2014-09-17 11:08 - 00000000 ____D C:\FRST
2016-03-11 10:49 - 2014-03-25 14:56 - 00000540 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000.job
2016-03-11 10:45 - 2012-07-23 10:34 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-11 10:39 - 2015-06-01 11:51 - 00000636 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2625221743-1896352500-3224387153-1000.job
2016-03-11 10:12 - 2009-07-14 05:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-11 10:12 - 2009-07-14 05:45 - 00023264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-11 10:06 - 2015-11-07 13:37 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\5kplayer
2016-03-11 10:04 - 2014-11-04 00:57 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA.job
2016-03-11 09:59 - 2013-05-31 02:15 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-11 09:34 - 2015-11-18 11:15 - 00473920 ____H C:\Users\Zuzana\drlog.txt
2016-03-11 09:34 - 2012-10-18 18:34 - 00000300 _____ C:\Windows\Tasks\Synology Data Replicator 3-PC107-Zuzana.job
2016-03-11 07:45 - 2012-07-23 10:34 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-11 07:45 - 2012-07-23 10:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 07:45 - 2012-07-23 10:34 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 07:15 - 2012-07-23 10:43 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\Skype
2016-03-11 07:14 - 2014-02-15 15:09 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\uTorrent
2016-03-11 07:13 - 2015-05-03 16:59 - 00000000 ____D C:\ProgramData\ProductData
2016-03-11 07:12 - 2013-05-31 02:15 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-11 07:11 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-11 07:06 - 2014-11-04 00:57 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core.job
2016-03-11 07:02 - 2012-07-19 10:33 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core.job
2016-03-09 11:13 - 2013-10-26 22:55 - 00000000 ____D C:\Users\Zuzana\AppData\Roaming\vlc
2016-03-08 10:45 - 2014-08-26 11:49 - 00000000 ____D C:\Users\Zuzana\Desktop\EAQA
2016-03-07 11:17 - 2014-08-26 11:59 - 00000000 ____D C:\Users\Zuzana\Desktop\Personal
2016-03-06 13:10 - 2009-07-14 06:13 - 00782902 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-06 13:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-05 06:41 - 2015-06-01 11:51 - 00003672 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-2625221743-1896352500-3224387153-1000
2016-03-05 06:41 - 2014-03-25 14:56 - 00003576 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000
2016-03-01 07:13 - 2012-10-15 08:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-29 22:25 - 2014-12-27 17:24 - 00000000 ____D C:\KMPlayer
2016-02-20 20:50 - 2012-07-19 09:58 - 00000000 ____D C:\Users\Zuzana
2016-02-20 20:22 - 2015-12-04 15:41 - 00000000 ____D C:\Users\Zuzana\Desktop\New folder
2016-02-20 20:09 - 2015-11-15 20:40 - 00000000 ____D C:\Users\Zuzana\Desktop\New Album
2016-02-13 17:51 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-13 13:28 - 2014-04-16 02:24 - 00000000 ____D C:\Windows\system32\MRT
2016-02-13 12:46 - 2013-02-28 17:04 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-11 14:14 - 2012-07-19 19:50 - 00000000 ____D C:\Windows\Panther
2016-02-11 13:40 - 2014-08-26 11:50 - 00000000 ____D C:\Users\Zuzana\Desktop\StudentMarket
2016-02-11 12:50 - 2014-11-20 20:00 - 00000000 ____D C:\Users\Zuzana\Desktop\UMB
2016-02-11 11:29 - 2013-05-31 02:15 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-11 11:26 - 2014-11-23 22:06 - 00000000 __SHD C:\Users\Zuzana\AppData\Local\EmieBrowserModeList
2016-02-11 11:26 - 2014-04-25 07:25 - 00000000 __SHD C:\Users\Zuzana\AppData\Local\EmieUserList
2016-02-11 11:26 - 2014-04-25 07:25 - 00000000 __SHD C:\Users\Zuzana\AppData\Local\EmieSiteList
2016-02-10 10:55 - 2013-05-31 02:15 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 10:54 - 2013-05-31 02:15 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
==================== Files in the root of some directories =======
 
2013-05-21 07:29 - 2014-06-24 00:02 - 0003729 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-04-13 09:57 - 2015-04-13 13:00 - 0000096 _____ () C:\Users\Zuzana\AppData\Roaming\Camdata.ini
2015-04-13 09:57 - 2015-04-13 13:00 - 0000408 _____ () C:\Users\Zuzana\AppData\Roaming\CamLayout.ini
2015-04-13 09:57 - 2015-04-13 13:00 - 0000408 _____ () C:\Users\Zuzana\AppData\Roaming\CamShapes.ini
2015-04-13 09:57 - 2015-04-13 13:00 - 0004547 _____ () C:\Users\Zuzana\AppData\Roaming\CamStudio.cfg
2015-04-13 09:55 - 2015-04-13 10:05 - 0000096 _____ () C:\Users\Zuzana\AppData\Roaming\version2.xml
2013-09-13 13:14 - 2014-01-10 11:20 - 0000130 _____ () C:\Users\Zuzana\AppData\Roaming\WB.CFG
2013-02-21 12:32 - 2014-04-16 16:11 - 0003584 _____ () C:\Users\Zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-12 16:25 - 2012-10-12 16:25 - 0027520 _____ () C:\Users\Zuzana\AppData\Local\dt.dat
2014-03-01 09:12 - 2014-03-01 09:12 - 0004096 ____H () C:\Users\Zuzana\AppData\Local\keyfile3.drm
2015-07-10 12:22 - 2015-07-10 12:22 - 0002785 _____ () C:\Users\Zuzana\AppData\Local\recently-used.xbel
2012-10-18 18:44 - 2014-01-22 20:15 - 0003002 _____ () C:\ProgramData\hpzinstall.log
 
Some files in TEMP:
====================
C:\Users\Zuzana\AppData\Local\Temp\h0a0wg2m.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-19 11:14
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Zuzana (2016-03-11 10:56:30)
Running from C:\Users\Zuzana\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-07-19 08:58:07)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2625221743-1896352500-3224387153-500 - Administrator - Disabled)
Guest (S-1-5-21-2625221743-1896352500-3224387153-501 - Limited - Disabled)
Zuzana (S-1-5-21-2625221743-1896352500-3224387153-1000 - Administrator - Enabled) => C:\Users\Zuzana
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\uTorrent) (Version: 3.4.5.41865 - BitTorrent Inc.)
5KPlayer 3.1 (HKLM-x32\...\5KPlayer_is1) (Version:  - DearMob, Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Aktualizácia Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_ENTERPRISE_{9A8C39B0-D27F-4F81-BE74-2FECF164707E}) (Version:  - Microsoft)
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_ENTERPRISE_{CE23B3DC-18CC-46FC-A309-81D6670F8D3D}) (Version:  - Microsoft)
Aktualizácia Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_ENTERPRISE_{D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}) (Version:  - Microsoft)
AMR to MP3 Converter 1.4 (HKLM-x32\...\{C615B4A6-DDE8-4325-BCF8-E53E913D95E9}_is1) (Version:  - www.amrtomp3converter.com)
AnyMeeting (HKLM-x32\...\{4DF71428-E2A8-4FED-8D67-B37D706D008F}) (Version: 3.1.0 - AnyMeeting, Inc.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{7A8A100D-3ECB-311C-E7A1-4A9FEB8BB209}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Auslogics BoostSpeed 8 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 8.0.1.0 - Auslogics Labs Pty Ltd)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.0.0.0 - Auslogics Labs Pty Ltd)
AVI&WMV (HKLM-x32\...\{ABC86EE3-425F-43B9-9A4F-4AA765B5A4FB}_is1) (Version:  - www.aviwmv.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
Bullzip PDF Printer 9.2.0.1499 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.2.0.1499 - Bullzip)
CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source)
Canon MF Toolbox 4.9.1.1.mf12 (HKLM-x32\...\{6767DFEE-8909-453A-B553-C7693912B2EB}) (Version: 4.9.1.1.mf12 - CANON INC.)
Canon MF8000C Series (HKLM\...\{A7581B61-C9F9-4fea-B845-E7733C17EC19}) (Version: 3.9.0.0 - CANON INC.)
ccc-core-static (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Citrix Online Launcher (HKLM-x32\...\{B025BA0B-64A6-46DE-9D64-32965C83CCA9}) (Version: 1.0.179 - Citrix)
Convert AVI to MP4 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp4.com)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dell System Detect (HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)
Dream AMR to MP3 Converter 3.0.1.0 (HKLM-x32\...\{66712EEE-ECBC-4CA4-A474-dream-amr-to-mp3-converter}_is1) (Version:  - DreamVideSoft,Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - )
ESET Endpoint Antivirus (HKLM\...\{4DE2F12A-08BB-4DB7-A1CA-9661BE2172DF}) (Version: 5.0.2126.4 - ESET, spol s r. o.)
f.lux (HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Flux) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 5.4.3.920 - Foxit Corporation)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Google Drive (HKLM-x32\...\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}) (Version: 1.27.1227.2094 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Spoločnosť Google Inc.)
Google Chrome (HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\Google Chrome) (Version: 48.0.2564.116 - Spoločnosť Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GoToMeeting 7.13.0.4542 (HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\GoToMeeting) (Version: 7.13.0.4542 - CitrixOnline)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version:  - )
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (HKLM\...\{68550918-63B5-4762-85CB-3C160AA4B213}) (Version: 14.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6269.0 - IDT)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.118 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Java™ 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
LibreOffice 3.5 (HKLM-x32\...\{B1F9C834-0594-4563-B344-4ED9599A5945}) (Version: 3.5.5.3 - The Document Foundation)
Mail List Validator 2.0 (HKLM-x32\...\Mail List Validator_is1) (Version: 2.0 - Business Software Products)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 23.015.05.01.85 - Huawei Technologies Co.,Ltd)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 sk)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nitro Pro 8 (HKLM\...\{0BEFCFE0-4373-41B6-8924-85FA78C9514D}) (Version: 8.0.3.1 - Nitro)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeaZip 4.6.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Questionmark Secure Browser (HKLM-x32\...\{E429EE2E-B76C-4553-8B04-B45587F00FD1}) (Version: 5.3.0.4 - Questionmark Computing Ltd)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0004 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00035 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Sonic Adventure 2 © SEGA version 1 (HKLM-x32\...\Sonic Adventure 2 © SEGA_is1) (Version: 1 - )
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Data Replicator  3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TouchCopy 12 (HKLM-x32\...\{EB775F20-F363-4A01-8A89-3C89AE1E373D}) (Version: 12.53 - Wide Angle Software)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2625221743-1896352500-3224387153-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2625221743-1896352500-3224387153-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2625221743-1896352500-3224387153-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {018B2E4B-C822-49AF-B9E0-9E53E99C7336} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA => C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-04] (Facebook Inc.)
Task: {156271D8-5FA2-4A62-9C74-C9799C1C0372} - System32\Tasks\Uninstaller_SkipUac_Zuzana => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-05-03] (IObit)
Task: {17DA1D68-67E1-4098-9BE4-79AA17C7BDCF} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {25A226FB-C567-4247-97B5-90B58BAF944B} - System32\Tasks\{280AC382-4732-400A-83A8-C9914E89DEA1} => pcalua.exe -a "E:\Quake III Arena\Setup.exe" -d "E:\Quake III Arena"
Task: {2847EEEA-18C8-44E2-9169-D52A1B11B23A} - System32\Tasks\AdobeAAMUpdater-1.0-PETERSULEK-Zuzana => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {2C45E93D-02D4-496A-A2C1-6E1F849A8401} - System32\Tasks\G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4542\g2mupdate.exe [2016-03-05] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {423150E2-B188-4F9C-BD8A-BE5B016D72B4} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Zuzana logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2015-07-07] (Auslogics)
Task: {4389E058-27DD-4F27-8350-89BB575FF4DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {58C13799-278E-4993-84AE-CA79ED71447A} - System32\Tasks\{8040BBFA-0A51-4F47-8934-BEB1D9D22181} => pcalua.exe -a C:\Users\Zuzana\Desktop\Apps\PhotoshopPortable.exe -d C:\Users\Zuzana\Desktop\Apps
Task: {652AC782-1CBE-47BE-95ED-A61F1373A41A} - System32\Tasks\{2DE29C43-DCD8-4441-942D-462F380FAC8E} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar
Task: {653331A2-44A3-4802-AB13-054FC535C2E1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA => C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {728CFFEC-8E34-4242-9CD0-30EE02487984} - System32\Tasks\{D1033A77-AC6A-460E-83E4-9A07B43824A9} => pcalua.exe -a "C:\!Peter Sulek\Programs\Photoshop Portable\Photoshop CS4\PhotoshopPortable.exe" -d "C:\!Peter Sulek\Programs\Photoshop Portable\Photoshop CS4"
Task: {73212BA7-4012-4AF4-ACC8-41E753E55CA1} - System32\Tasks\G2MUploadTask-S-1-5-21-2625221743-1896352500-3224387153-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\4542\g2mupload.exe [2016-03-05] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {7694EF55-232E-44B7-8FDC-D9A085F8EB96} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core => C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {A3616C4F-A416-4388-90F2-3EB647F43C13} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core => C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-04] (Facebook Inc.)
Task: {A586AA25-6DCD-46FB-809C-9F8F94D04358} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-11] (Adobe Systems Incorporated)
Task: {A82F5D2A-A3C9-48B5-AD7F-23F2E6B55E03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {AE4BB421-2979-4709-8E0B-8B409C0F402C} - System32\Tasks\Synology Data Replicator 3-PC107-Zuzana => C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe [2012-06-28] (Synology Inc.)
Task: {D081AAAE-4582-4697-8A8E-1D9FBBCD0852} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D6E88392-B4FC-4027-8873-F433450EC025} - System32\Tasks\{5D76580F-E3F3-4FEB-BCB9-DE97C6426614} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {F196601A-5E68-4464-BA78-D4647DDABA52} - System32\Tasks\{EDBED1D7-B7EF-4613-ADEA-99698C33B9D9} => Chrome.exe hxxp://ui.skype.com/ui/0/6.0.0.126/en/abandoninstall?page=tsProgressBar
Task: {F30554D9-6BA4-433B-97AD-621C2D898811} - System32\Tasks\{898602FE-0581-4073-AB42-57ACAE82DB10} => pcalua.exe -a "C:\!Peter Sulek\Games\CS 1.6\upg non steam.exe" -d "C:\!Peter Sulek\Games\CS 1.6"
Task: {FE45A3BE-3269-4787-876D-7888CD22F1F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core.job => C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA.job => C:\Users\Zuzana\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4542\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-2625221743-1896352500-3224387153-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\4542\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core.job => C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA.job => C:\Users\Zuzana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Synology Data Replicator 3-PC107-Zuzana.job => C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-01-23 10:43 - 2012-08-31 15:03 - 00288768 _____ () C:\Windows\System32\HP1100LM.DLL
2014-01-23 10:05 - 2011-04-02 16:04 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-01-15 04:42 - 2014-01-15 04:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2015-01-13 21:42 - 2013-10-26 10:45 - 00651856 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2012-06-28 03:10 - 2012-06-28 03:10 - 00381312 _____ () C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe
2012-09-18 04:10 - 2012-09-18 04:10 - 00248704 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2010-03-08 10:02 - 2010-03-08 10:02 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-07-19 10:42 - 2012-07-19 10:42 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-11-07 13:37 - 2015-09-29 18:10 - 04055936 _____ () C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
2012-08-27 20:33 - 2012-08-27 20:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 20:33 - 2012-08-27 20:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-13 21:42 - 2013-08-31 06:44 - 02417152 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2015-01-13 21:42 - 2009-01-10 19:32 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2015-01-13 21:42 - 2009-06-23 03:42 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2015-01-13 21:42 - 2013-08-31 06:46 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2016-02-19 23:54 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 23:54 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2005-08-14 21:09 - 2005-08-14 21:09 - 00111616 _____ () C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2015-11-07 13:34 - 2012-04-09 00:40 - 03470848 _____ () C:\Users\Zuzana\AppData\Roaming\BSplayer\FFDShow\ffdshow.ax
2015-11-07 13:34 - 2012-04-09 00:39 - 00146944 _____ () C:\Users\Zuzana\AppData\Roaming\BSplayer\FFDShow\ff_libmad.dll
2015-11-07 13:34 - 2009-08-11 21:19 - 00797184 _____ () C:\Users\Zuzana\AppData\Roaming\BSplayer\AC3 Filter\ac3filter.ax
2015-11-07 13:34 - 2009-08-11 21:21 - 01021440 _____ () C:\Users\Zuzana\AppData\Roaming\BSplayer\AC3 Filter\ac3filter_intl.dll
2015-11-07 13:37 - 2015-09-28 18:29 - 07864208 _____ () C:\Program Files (x86)\DearMob\5KPlayer\airplay.DLL
2015-11-07 13:37 - 2015-04-10 14:25 - 00127288 _____ () C:\Program Files (x86)\DearMob\5KPlayer\libvlc.DLL
2015-11-07 13:37 - 2015-04-10 14:25 - 01910072 _____ () C:\Program Files (x86)\DearMob\5KPlayer\libvlccore.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00269331 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdshow_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00027667 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libdirectsound_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00031251 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_output\libwaveout_plugin.dll
2015-11-07 13:38 - 2015-03-04 13:15 - 00070163 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\video_output\libdirectdraw_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00036371 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libfolder_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00076307 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_vdr_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00045587 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libfilesystem_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 02098195 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\liblibbluray_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00064019 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libsmooth_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00534547 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libhttplive_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00101907 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libaccess_bd_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00710163 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\libdash_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00243731 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libdvdnav_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00115731 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libzip_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00040467 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\access\libstream_filter_rar_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00015891 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\stream_filter\librecord_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00203795 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\demux\libmp4_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00292371 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libpng_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00017939 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libcdg_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 01281043 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libschroedinger_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 01512467 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\meta_engine\libtaglib_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00018451 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libdts_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00339475 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libtheora_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00344595 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\codec\libfaad_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00013843 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 00018963 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libscaletempo_plugin.dll
2015-11-07 13:37 - 2015-03-04 13:15 - 01496083 _____ () C:\Program Files (x86)\DearMob\5KPlayer\plugins\audio_filter\libsamplerate_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00113664 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 02341888 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00246784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00047616 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00050688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00079360 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 02029568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00100352 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00258560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00076288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00046592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00061440 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00465920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00719872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00114688 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00136704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 01409536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00300032 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 01283584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00056320 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00038912 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00192000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 11749376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00378368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00118272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00043520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00039936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00037376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00292864 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00040448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 01297920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00041472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-09-23 00:19 - 2013-09-23 00:19 - 00350720 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00359424 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00034816 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 00040960 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-09-23 00:18 - 2013-09-23 00:18 - 01518592 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-03-11 07:37 - 2016-03-08 12:16 - 17541312 _____ () C:\Users\Zuzana\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\...\dell.com -> dell.com
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2015-04-13 09:30 - 00000029 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2625221743-1896352500-3224387153-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Zuzana^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^AnyMeeting.lnk => C:\Windows\pss\AnyMeeting.lnk.Startup
MSCONFIG\startupreg: DeskTime => "C:\Users\Zuzana\AppData\Local\DeskTime\DeskTime.exe"
MSCONFIG\startupreg: GoToMeeting => "C:\Program Files (x86)\Citrix\GoToMeeting\1468\g2mstart.exe" "/Trigger RunAtLogon"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{70922180-8A3D-4477-80B2-B9A7A43035DD}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{69F35E0B-62E7-498F-98C8-F2A580DB634B}] => (Allow) LPort=24784
FirewallRules: [{7FCED834-A357-40E0-9061-5ACDD65D0DA8}] => (Allow) LPort=24784
FirewallRules: [TCP Query User{A3F7D7D8-3BC8-4E1C-BB8D-35C33EB5412A}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{9EA1F016-F1CD-402E-855F-F97DE804F615}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{B2802BBB-D953-4EF5-A38B-0407B4DB6D5E}] => (Allow) C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe
FirewallRules: [{DA3924A6-9CC4-40B5-8CBA-65294F4613A5}] => (Allow) C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe
FirewallRules: [{335E23D4-D0BF-463E-968B-056EC577F846}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{79538464-E60A-4B2E-97A7-629676D68756}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{389F0556-98A6-4DCC-9FC8-D0D911A62EDF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [TCP Query User{BF4AD978-E200-486B-92C6-5763C413C4C2}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{7791B714-910B-4869-B7B7-85F42C0DF42D}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [TCP Query User{457A806E-E6B1-449C-854F-DC87295B3111}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{850C2610-4403-4DB9-9E20-476FBD5F7504}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Block) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{0AD9608A-662F-4835-BD38-8DE75A391FE5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{77372ABF-465A-4529-9890-CD3CAF4EE665}] => (Allow) C:\Users\Zuzana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{946BB42F-6730-43EF-9BBB-620D50915961}] => (Allow) C:\Users\Zuzana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{363413F0-7090-44E4-A024-A3FDD612C8F8}] => (Allow) C:\Users\Zuzana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{AECD11EC-3B64-4250-8479-C1C6D86C9FFF}] => (Allow) C:\Users\Zuzana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{18BD9CDC-BFD0-49BA-92B8-04248BED2516}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{9202E06E-F376-40AB-B5F3-D28A351F1AA4}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{157A522D-76B0-49D7-9D07-32505C28384C}] => (Allow) LPort=9100
FirewallRules: [{73804CD4-89CA-47A7-B8AA-0CCBEE85E5A9}] => (Allow) LPort=427
FirewallRules: [{5A928FA8-F9D7-488B-818E-66F8D6D35637}] => (Allow) LPort=161
FirewallRules: [{A8194C9B-EEFA-408F-84CB-15FBC237191A}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C1BEE268-D85B-4F22-B552-58270CED079F}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6E217669-8479-4FD5-9E03-8EF2FE7236D0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A526EBD8-D7CD-4B6D-A2C1-A90D96DD4F27}] => (Allow) C:\Users\Zuzana\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{5BBFBF22-679A-4524-8142-2787F90E6888}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3567CE7B-B7A8-4A98-B9F7-D7BAF6B5BD50}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{16506CC4-1E68-4D98-AB90-0D3CDBA35836}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{D2D5E980-52C4-4248-902C-D0A73462D66D}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{AA4D079E-E8DA-4CC6-99C5-938A069E7EEE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2EF77FCE-8505-40C3-AE2E-03C30CD517AD}] => (Allow) LPort=2869
FirewallRules: [{288ADF5C-27C9-46FD-8804-349C225F3544}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{7674B293-B166-4765-B18A-9E0BD04F2D89}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5518BFFF-A5BC-4AF3-A7AE-2B40379E0034}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{9C758CA3-F2FF-4F8E-862A-5162634AAA5C}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC7A633F-606C-41DE-BF23-048873BA8444}] => (Allow) C:\Users\Zuzana\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{ED2B5E5C-4DD9-4B82-980C-A90A9EA25469}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{697DBC48-C92E-4755-AE4E-4D90FD8F7455}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DD866C0C-A8C3-4C79-9A1C-79B0D24B7AF5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{220A2613-A963-43F1-B0DB-08AF792CB906}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3097CC28-3FA3-47EE-9F33-315502BC3A9C}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{779AFCF5-BEBF-47E3-A80E-152D5809FA1D}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [{BCC385CB-C8AE-4AD3-88BD-0A1DAE05AB06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B65DECD2-7A3E-463F-8395-EB822A7DD0E7}] => (Allow) C:\Users\Zuzana\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{1E8AEDCB-D6D1-4999-B4ED-3FAB52978A9F}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
FirewallRules: [UDP Query User{3E7FB3F4-D12D-45FB-86AD-EBB0D735A128}C:\program files (x86)\dearmob\5kplayer\5kplayer.exe] => (Block) C:\program files (x86)\dearmob\5kplayer\5kplayer.exe
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices =============
 
Name: HP LaserJet Pro M201dw
Description: HP LaserJet Pro M201dw
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: HP Color LaserJet CP1518ni
Description: HP Color LaserJet CP1518ni
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: HP LaserJet Professional P1102w
Description: HP LaserJet Professional P1102w
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/11/2016 11:02:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 11:01:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 11:00:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:59:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:58:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:57:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:56:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:55:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:54:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
Error: (03/11/2016 10:53:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Client application registered 2 identical instances of service PeterSulek._airplay._tcp.local. port 8000.
 
 
System errors:
=============
Error: (03/11/2016 07:12:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Mobile Partner. OUC service failed to start due to the following error: 
%%1053
 
Error: (03/11/2016 07:12:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Mobile Partner. OUC service to connect.
 
Error: (03/11/2016 07:09:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
Error: (03/08/2016 10:30:16 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort1.
 
 
CodeIntegrity:
===================================
  Date: 2015-11-12 14:42:57.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET Endpoint Antivirus 5.0\upgrade.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-08 09:45:47.299
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-09-08 09:45:47.026
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II Neo K325 Dual-Core Processor
Percentage of memory in use: 69%
Total physical RAM: 3838.11 MB
Available physical RAM: 1157.35 MB
Total Virtual: 7674.43 MB
Available Virtual: 4049.79 MB
 
==================== Drives ================================
 
Drive c: (Local Disk) (Fixed) (Total:465.66 GB) (Free:85.96 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B7362935)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.) Attach the file to your next post. (More Reply Options, Choose File, Open, Attach This File.)
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As,(to your desktop) Save.  (Note the file name) Open the file on your desktop and copy and paste the text to a reply.
 

 


  • 0

#3
moose35

moose35

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

Hi,

 

Thanks for the quick reply, much appreciated.

 

Here are the two logs, Speccy first.

 

Summary
Operating System
Windows 7 Home Premium 64-bit SP1
CPU
AMD Athlon II Neo K325 63 °C
Champlain 45nm Technology
RAM
4,00GB Dual-Channel DDR3 @ 398MHz (6-6-6-15)
Motherboard
Dell Inc. 63 °C
Graphics
Generic PnP Monitor ([email protected])
ATI Mobility Radeon HD 4225 (Dell)
Storage
465GB Seagate ST9500420AS ATA Device (SATA) 40 °C
Optical Drives
ELBY CLONEDRIVE SCSI CdRom Device
DTSOFT Virtual CdRom Device
Audio
IDT High Definition Audio CODEC
Operating System
Windows 7 Home Premium 64-bit SP1
Computer type: Portable
Installation Date: 19. 7. 2012 10:58:07
Serial Number: DELETED
Windows Security Center
User Account Control (UAC) Disabled
Firewall Enabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Enabled
Company Name ESET
Display Name ESET Endpoint Antivirus 5.0
Product Version 5.0.2126.4
Virus Signature Database Up to date
.NET Frameworks installed
v4.0 Full
v4.0 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 11.0.9600.18230
PowerShell
Version 2.0
Java
Java Runtime Environment
Path C:\Program Files\Java\jre7\bin\java.exe
Version 7.0
Update 5
Build 06
Environment Variables
USERPROFILE C:\Users\Zuzana
SystemRoot C:\Windows
User Variables
MOZ_PLUGIN_PATH C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\
TEMP C:\Users\Zuzana\AppData\Local\Temp
TMP C:\Users\Zuzana\AppData\Local\Temp
Machine Variables
asl.log Destination=file
ComSpec C:\Windows\system32\cmd.exe
ESET_OPTIONS
FP_NO_HOST_CHECK NO
NUMBER_OF_PROCESSORS 2
OS Windows_NT
Path C:\Windows\system32
C:\Windows
C:\Windows\system32\wbem
C:\Program Files\Common Files\Microsoft Shared\Windows Live
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live
C:\Windows\System32\WindowsPowerShell\v1.0
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
C:\Program Files (x86)\Windows Live\Shared
C:\Program Files (x86)\Skype\Phone\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD
PROCESSOR_LEVEL 16
PROCESSOR_REVISION 0603
PSModulePath C:\Windows\system32\WindowsPowerShell\v1.0\Modules\
TEMP C:\Windows\TEMP
TMP C:\Windows\TEMP
USERNAME SYSTEM
windir C:\Windows
Battery
AC Line Online
Battery Charge % 8 %
Battery State Low
Remaining Battery Time Unknown
Power Profile
Active power scheme Power saver
Hibernation Enabled
Turn Off Monitor after: (On AC Power) Never
Turn Off Monitor after: (On Battery Power) 2 min
Turn Off Hard Disk after: (On AC Power) 20 min
Turn Off Hard Disk after: (On Battery Power) 5 min
Suspend after: (On AC Power) Never
Suspend after: (On Battery Power) 10 min
Screen saver Disabled
Uptime
Current Session
Current Time 11. 3. 2016 19:44:13
Current Uptime 15 917 sec (0 d, 04 h, 25 m, 17 s)
Last Boot Time 11. 3. 2016 15:18:56
Services
Running AMD External Events Utility
Running Andrea ST Filters Service
Running Apple Mobile Device
Running Application Experience
Running Audio Service
Running Background Intelligent Transfer Service
Running Base Filtering Engine
Running Bonjour Service
Running CNG Key Isolation
Running COM+ Event System
Running Cryptographic Services
Running DCOM Server Process Launcher
Running Desktop Window Manager Session Manager
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Distributed Link Tracking Client
Running DNS Client
Running DW WLAN Tray Service
Running ESET Service
Running Extensible Authentication Protocol
Running Group Policy Client
Running HP Network Devices Support
Running HP SI Service
Running HWDeviceService64.exe
Running IKE and AuthIP IPsec Keying Modules
Running IP Helper
Running IPsec Policy Agent
Running Microsoft .NET Framework NGEN v4.0.30319_X86
Running Multimedia Class Scheduler
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running NitroPDFDriverCreatorReadSpool8
Running Peer Name Resolution Protocol
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secondary Logon
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running Skype Click to Call PNR Service
Running Skype Click to Call Updater
Running Software Protection
Running SPP Notification Service
Running SSDP Discovery
Running Superfetch
Running SynoDrService
Running System Event Notification Service
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running Update service
Running UsbClientService
Running User Profile Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Defender
Running Windows Event Log
Running Windows Firewall
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows Live ID Sign-in Assistant
Running Windows Management Instrumentation
Running Windows Media Player Network Sharing Service
Running Windows Modules Installer
Running Windows Search
Running Windows Update
Running WLAN AutoConfig
Running Workstation
Running WWAN AutoConfig
Stopped ActiveX Installer (AxInstSV)
Stopped Adaptive Brightness
Stopped Adobe Flash Player Update Service
Stopped Application Identity
Stopped Application Information
Stopped Application Layer Gateway Service
Stopped ASP.NET State Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Support Service
Stopped Certificate Propagation
Stopped COM+ System Application
Stopped Computer Browser
Stopped Credential Manager
Stopped Diagnostic System Host
Stopped Disk Defragmenter
Stopped Distributed Transaction Coordinator
Stopped Encrypting File System (EFS)
Stopped ESET HTTP Server
Stopped ESET SHA Service
Stopped Fax
Stopped Function Discovery Provider Host
Stopped Function Discovery Resource Publication
Stopped Health Key and Certificate Management
Stopped HomeGroup Listener
Stopped HomeGroup Provider
Stopped Human Interface Device Access
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped Internet Explorer ETW Collector Service
Stopped iPod Service
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped LiveUpdate
Stopped Media Center Extender Service
Stopped Microsoft .NET Framework NGEN v2.0.50727_X64
Stopped Microsoft .NET Framework NGEN v2.0.50727_X86
Stopped Microsoft .NET Framework NGEN v4.0.30319_X64
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Office Diagnostics Service
Stopped Microsoft Office Groove Audit Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Mobile Partner. OUC
Stopped Mozilla Maintenance Service
Stopped Net Driver HPZ12
Stopped Net.Msmq Listener Adapter
Stopped Net.Pipe Listener Adapter
Stopped Net.Tcp Listener Adapter
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Access Protection Agent
Stopped Office Source Engine
Stopped Parental Controls
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped Pml Driver HPZ12
Stopped PnP-X IP Bus Enumerator
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Problem Reports and Solutions Control Panel Support
Stopped Protected Storage
Stopped Quality Windows Audio Video Experience
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Routing and Remote Access
Stopped Skype Updater
Stopped Služba Google Update (gupdate)
Stopped Služba Google Update (gupdatem)
Stopped Smart Card
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Tablet PC Input Service
Stopped Thread Ordering Server
Stopped TPM Base Services
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped WebClient
Stopped Windows Activation Technologies Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows CardSpace
Stopped Windows Color System
Stopped Windows Connect Now - Config Registrar
Stopped Windows Driver Foundation - User-mode Driver Framework
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Installer
Stopped Windows Media Center Receiver Service
Stopped Windows Media Center Scheduler Service
Stopped Windows Presentation Foundation Font Cache 3.0.0.0
Stopped Windows Remote Management (WS-Management)
Stopped Windows Time
Stopped WinHTTP Web Proxy Auto-Discovery Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
TimeZone
TimeZone GMT +1:00 Hours
Language Slovak (Slovakia)
Location Slovakia
Format Slovak (Slovakia)
Currency
Date Format d. M. yyyy
Time Format H:mm:ss
Scheduler
11. 3. 2016 19:45; Adobe Flash Player Updater
11. 3. 2016 19:49; G2MUpdateTask-S-1-5-21-2625221743-1896352500-3224387153-1000
11. 3. 2016 19:51; GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core
11. 3. 2016 19:51; GoogleUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA
11. 3. 2016 19:59; GoogleUpdateTaskMachineUA
11. 3. 2016 20:39; G2MUploadTask-S-1-5-21-2625221743-1896352500-3224387153-1000
11. 3. 2016 22:04; FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000UA
12. 3. 2016 1:04; FacebookUpdateTaskUserS-1-5-21-2625221743-1896352500-3224387153-1000Core
12. 3. 2016 2:00; AdobeAAMUpdater-1.0-PETERSULEK-Zuzana
12. 3. 2016 9:33; Synology Data Replicator 3-PC107-Zuzana
12. 3. 2016 10:59; GoogleUpdateTaskMachineCore
CCleanerSkipUAC
SidebarExecute
Uninstaller_SkipUac_Zuzana
Hotfixes
Installed
11. 3. 2016  Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB3114900)
A security vulnerability exists in Microsoft Office Compatibility
Pack Service Pack 3 that could allow arbitrary code to run when
a maliciously modified file is opened. This update resolves that
vulnerability.
11. 3. 2016  Security Update for Microsoft Office Word 2007 (KB3114901)
A security vulnerability exists in Microsoft Office Word 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11. 3. 2016  Security Update for Microsoft Office 2007 suites (KB2956110)
A security vulnerability exists in Microsoft Office 2007 suites
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11. 3. 2016  Security Update for Microsoft Office InfoPath 2007 (KB3114426)
A security vulnerability exists in Microsoft Office InfoPath
2007 that could allow arbitrary code to run when a maliciously
modified file is opened. This update resolves that vulnerability.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3139398)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB3139929)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3140410)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3138910)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64 (KB3135988)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3140735)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Microsoft Office Outlook 2007 (KB2880510)
A security vulnerability exists in Microsoft Office Outlook 2007
that could allow arbitrary code to run when a maliciously modified
file is opened. This update resolves that vulnerability.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3139914)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3138962)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64 (KB3135983)
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
Not Installed
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3139852)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
11. 3. 2016  Update for Windows 7 for x64-based Systems (KB3138612)
Installation Status Failed
Install this update to resolve issues in Windows. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article for more information.
After you install this item, you may have to restart your computer.
11. 3. 2016  Security Update for Windows 7 for x64-based Systems (KB3139940)
Installation Status Failed
A security issue has been identified in a Microsoft software
product that could affect your system. You can help protect your
system by installing this update from Microsoft. For a complete
listing of the issues that are included in this update, see the
associated Microsoft Knowledge Base article. After you install
this update, you may have to restart your system.
System Folders
Application Data C:\ProgramData
Cookies C:\Users\Zuzana\AppData\Roaming\Microsoft\Windows\Cookies
Desktop C:\Users\Zuzana\Desktop
Documents C:\Users\Public\Documents
Fonts C:\Windows\Fonts
Global Favorites C:\Users\Zuzana\Favorites
Internet History C:\Users\Zuzana\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\Zuzana\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\Zuzana\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\Zuzana\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\Zuzana\AppData\Local\Microsoft\Windows\Temporary Internet Files
User Favorites C:\Users\Zuzana\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\Windows
Windows/System C:\Windows\system32
Process List
AESTSr64.exe
Process ID 1720
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\AESTSr64.exe
Memory Usage 1.00 MB
Peak Memory Usage 2.69 MB
AppleMobileDeviceService.exe
Process ID 1752
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 4.48 MB
Peak Memory Usage 9.25 MB
atieclxx.exe
Process ID 2144
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atieclxx.exe
Memory Usage 3.81 MB
Peak Memory Usage 5.79 MB
atiesrxx.exe
Process ID 852
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\atiesrxx.exe
Memory Usage 2.09 MB
Peak Memory Usage 4.18 MB
audiodg.exe
Process ID 1052
User LOCAL SERVICE
Domain NT AUTHORITY
Memory Usage 18 MB
Peak Memory Usage 23 MB
BCMWLTRY.EXE
Process ID 1464
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
Memory Usage 18 MB
Peak Memory Usage 33 MB
CCC.exe
Process ID 3448
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Memory Usage 2.05 MB
Peak Memory Usage 51 MB
chrome.exe
Process ID 2896
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 134 MB
Peak Memory Usage 185 MB
chrome.exe
Process ID 6056
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 82 MB
Peak Memory Usage 112 MB
chrome.exe
Process ID 7140
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 104 MB
Peak Memory Usage 109 MB
chrome.exe
Process ID 5672
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 60 MB
Peak Memory Usage 88 MB
chrome.exe
Process ID 5280
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Memory Usage 116 MB
Peak Memory Usage 158 MB
CNMFSUT6.EXE
Process ID 3900
User Zuzana
Domain PETERSULEK
Path C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT6.EXE
Memory Usage 3.82 MB
Peak Memory Usage 5.90 MB
conhost.exe
Process ID 1488
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\conhost.exe
Memory Usage 1.10 MB
Peak Memory Usage 2.62 MB
csrss.exe
Process ID 432
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 2.74 MB
Peak Memory Usage 34 MB
csrss.exe
Process ID 512
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\csrss.exe
Memory Usage 37 MB
Peak Memory Usage 177 MB
DCSHelper.exe
Process ID 3584
User Zuzana
Domain PETERSULEK
Path C:\ProgramData\DatacardService\DCSHelper.exe
Memory Usage 3.72 MB
Peak Memory Usage 6.35 MB
dllhost.exe
Process ID 5100
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\DllHost.exe
Memory Usage 2.76 MB
Peak Memory Usage 4.96 MB
dwm.exe
Process ID 3536
User Zuzana
Domain PETERSULEK
Path C:\Windows\system32\Dwm.exe
Memory Usage 36 MB
Peak Memory Usage 46 MB
egui.exe
Process ID 3912
User Zuzana
Domain PETERSULEK
Path C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
Memory Usage 8.11 MB
Peak Memory Usage 17 MB
ekrn.exe
Process ID 1920
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
Memory Usage 97 MB
Peak Memory Usage 213 MB
explorer.exe
Process ID 3544
User Zuzana
Domain PETERSULEK
Path C:\Windows\Explorer.EXE
Memory Usage 45 MB
Peak Memory Usage 69 MB
flux.exe
Process ID 3984
User Zuzana
Domain PETERSULEK
Path C:\Users\Zuzana\AppData\Local\FluxSoftware\Flux\flux.exe
Memory Usage 11 MB
Peak Memory Usage 27 MB
GoogleCrashHandler.exe
Process ID 3384
User Zuzana
Domain PETERSULEK
Path C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler.exe
Memory Usage 528 KB
Peak Memory Usage 4.12 MB
GoogleCrashHandler64.exe
Process ID 3112
User Zuzana
Domain PETERSULEK
Path C:\Users\Zuzana\AppData\Local\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
Memory Usage 312 KB
Peak Memory Usage 3.93 MB
HPSIsvc.exe
Process ID 1996
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\HPSIsvc.exe
Memory Usage 2.17 MB
Peak Memory Usage 4.14 MB
HWDeviceService64.exe
Process ID 2016
User SYSTEM
Domain NT AUTHORITY
Path C:\ProgramData\DatacardService\HWDeviceService64.exe
Memory Usage 2.07 MB
Peak Memory Usage 5.31 MB
lsass.exe
Process ID 576
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsass.exe
Memory Usage 8.46 MB
Peak Memory Usage 11 MB
lsm.exe
Process ID 616
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\lsm.exe
Memory Usage 3.05 MB
Peak Memory Usage 4.13 MB
mDNSResponder.exe
Process ID 1804
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Bonjour\mDNSResponder.exe
Memory Usage 3.65 MB
Peak Memory Usage 5.67 MB
MOM.exe
Process ID 3388
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
Memory Usage 4.04 MB
Peak Memory Usage 26 MB
mscorsvw.exe
Process ID 2632
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Memory Usage 7.62 MB
Peak Memory Usage 11 MB
NitroPDFDriverService8x64.exe
Process ID 1852
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
Memory Usage 1.35 MB
Peak Memory Usage 3.47 MB
notepad.exe
Process ID 3308
User Zuzana
Domain PETERSULEK
Path C:\Windows\system32\NOTEPAD.EXE
Memory Usage 4.13 MB
Peak Memory Usage 6.90 MB
ouc.exe
Process ID 1332
User SYSTEM
Domain NT AUTHORITY
Path C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
Memory Usage 2.66 MB
Peak Memory Usage 5.06 MB
SearchFilterHost.exe
Process ID 5224
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchFilterHost.exe
Memory Usage 8.00 MB
Peak Memory Usage 8.02 MB
SearchIndexer.exe
Process ID 3340
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchIndexer.exe
Memory Usage 16 MB
Peak Memory Usage 26 MB
SearchProtocolHost.exe
Process ID 4444
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\SearchProtocolHost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
services.exe
Process ID 556
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\services.exe
Memory Usage 6.39 MB
Peak Memory Usage 9.22 MB
Skype.exe
Process ID 4068
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Skype\Phone\Skype.exe
Memory Usage 98 MB
Peak Memory Usage 158 MB
SkypeC2CAutoUpdateSvc.exe
Process ID 1836
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
Memory Usage 1.76 MB
Peak Memory Usage 4.96 MB
SkypeC2CPNRSvc.exe
Process ID 1864
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
Memory Usage 1.62 MB
Peak Memory Usage 5.09 MB
smss.exe
Process ID 272
User SYSTEM
Domain NT AUTHORITY
Path \SystemRoot\System32\smss.exe
Memory Usage 836 KB
Peak Memory Usage 1.17 MB
Speccy64.exe
Process ID 2996
User Zuzana
Domain PETERSULEK
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 26 MB
Peak Memory Usage 26 MB
spoolsv.exe
Process ID 1536
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 9.19 MB
Peak Memory Usage 21 MB
sppsvc.exe
Process ID 2120
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\sppsvc.exe
Memory Usage 6.41 MB
Peak Memory Usage 14 MB
stacsv64.exe
Process ID 440
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_8710db39c7952056\STacSV64.exe
Memory Usage 4.41 MB
Peak Memory Usage 7.21 MB
sttray64.exe
Process ID 3920
User Zuzana
Domain PETERSULEK
Path C:\Program Files\IDT\WDM\sttray64.exe
Memory Usage 5.79 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 964
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 115 MB
Peak Memory Usage 163 MB
svchost.exe
Process ID 1004
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 4492
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 4.64 MB
Peak Memory Usage 6.52 MB
svchost.exe
Process ID 240
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 87 MB
Peak Memory Usage 217 MB
svchost.exe
Process ID 1400
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 97 MB
svchost.exe
Process ID 3844
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.08 MB
Peak Memory Usage 6.85 MB
svchost.exe
Process ID 2168
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.90 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 2328
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 28 MB
Peak Memory Usage 197 MB
svchost.exe
Process ID 280
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 3.93 MB
Peak Memory Usage 5.52 MB
svchost.exe
Process ID 724
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 5.80 MB
Peak Memory Usage 9.71 MB
svchost.exe
Process ID 1304
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 804
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\svchost.exe
Memory Usage 7.28 MB
Peak Memory Usage 8.36 MB
svchost.exe
Process ID 932
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 6972
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.28 MB
Peak Memory Usage 6.28 MB
SynoDrServicex64.exe
Process ID 2188
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
Memory Usage 1.83 MB
Peak Memory Usage 4.93 MB
System
Process ID 4
Memory Usage 1.05 MB
Peak Memory Usage 11 MB
System Idle Process
Process ID 0
taskhost.exe
Process ID 816
User Zuzana
Domain PETERSULEK
Path C:\Windows\system32\taskhost.exe
Memory Usage 8.89 MB
Peak Memory Usage 15 MB
taskmgr.exe
Process ID 1732
User Zuzana
Domain PETERSULEK
Path C:\Windows\system32\taskmgr.exe
Memory Usage 7.20 MB
Peak Memory Usage 11 MB
thunderbird.exe
Process ID 4616
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
Memory Usage 130 MB
Peak Memory Usage 190 MB
TrustedInstaller.exe
Process ID 1220
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\servicing\TrustedInstaller.exe
Memory Usage 22 MB
Peak Memory Usage 396 MB
UninstallMonitor.exe
Process ID 4704
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
Memory Usage 4.37 MB
Peak Memory Usage 9.83 MB
Updater.exe
Process ID 2248
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Popcorn Time\Updater.exe
Memory Usage 5.37 MB
Peak Memory Usage 8.70 MB
UsbClientService.exe
Process ID 2280
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
Memory Usage 3.03 MB
Peak Memory Usage 4.66 MB
VCDDaemon.exe
Process ID 3700
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
Memory Usage 3.11 MB
Peak Memory Usage 5.33 MB
vlc.exe
Process ID 3244
User Zuzana
Domain PETERSULEK
Path C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Memory Usage 35 MB
Peak Memory Usage 51 MB
wininit.exe
Process ID 492
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wininit.exe
Memory Usage 1.81 MB
Peak Memory Usage 4.48 MB
winlogon.exe
Process ID 600
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\winlogon.exe
Memory Usage 4.23 MB
Peak Memory Usage 8.28 MB
wlanext.exe
Process ID 1472
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\WLANExt.exe
Memory Usage 2.94 MB
Peak Memory Usage 5.04 MB
WLIDSVC.EXE
Process ID 2380
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
Memory Usage 7.21 MB
Peak Memory Usage 14 MB
WLIDSVCM.EXE
Process ID 2672
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
Memory Usage 1.22 MB
Peak Memory Usage 3.26 MB
WLTRAY.EXE
Process ID 3892
User Zuzana
Domain PETERSULEK
Path C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
Memory Usage 20 MB
Peak Memory Usage 31 MB
WLTRYSVC.EXE
Process ID 1440
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
Memory Usage 1.27 MB
Peak Memory Usage 3.28 MB
WmiPrvSE.exe
Process ID 6824
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 14 MB
Peak Memory Usage 14 MB
WmiPrvSE.exe
Process ID 1392
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\system32\wbem\wmiprvse.exe
Memory Usage 5.93 MB
Peak Memory Usage 5.93 MB
wmpnetwk.exe
Process ID 4224
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Program Files\Windows Media Player\wmpnetwk.exe
Memory Usage 10 MB
Peak Memory Usage 14 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not display last user name Disabled
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session 15 minutes
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network Security: Allow PKU2U authentication requests to this computer to use online identities Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Disabled
Recovery console: Allow floppy copy and access to all drives and all folders Disabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems Posix
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Disabled
User Account Control: Switch to the secure desktop when prompting for elevation Disabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fixed Feature Button
ACPI Lid
ACPI Power Button
ACPI Thermal Zone
AMD Athlon II Neo K325 Dual-Core Processor
AMD Athlon II Neo K325 Dual-Core Processor
Microsoft Windows Management Interface for ACPI
AMD PCI Express (3GIO) Filter Driver
ATI I/O Communications Processor PCI Bus Controller
ATI I/O Communications Processor SMBus Controller
Microsoft ACPI-Compliant Embedded Controller
Motherboard resources
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard host CPU bridge
PCI standard PCI-to-PCI bridge
ATI Mobility Radeon HD 4225
Generic PnP Monitor
High Definition Audio Controller
ATI High Definition Audio Device
PCI standard PCI-to-PCI bridge
DW1501 Wireless-N WLAN Half-Mini Card
Microsoft Virtual WiFi Miniport Adapter
PCI standard PCI-to-PCI bridge
Realtek PCIE CardReader
Realtek PCIe FE Family Controller
Standard AHCI 1.0 Serial ATA Controller
ATA Channel 2
ATA Channel 3
ST9500420AS ATA Device
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
Standard OpenHCD USB Host Controller
USB Root Hub
Standard Enhanced PCI to USB Host Controller
USB Root Hub
USB Composite Device
Integrated Webcam
High Definition Audio Controller
IDT High Definition Audio CODEC
PCI standard ISA bridge
Direct memory access controller
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Motherboard resources
Numeric data processor
Programmable interrupt controller
PS/2 Compatible Mouse
Standard PS/2 Keyboard
System board
System CMOS/real time clock
System speaker
System timer
CPU
AMD Athlon II Neo K325
Cores 2
Threads 2
Name AMD Athlon II Neo K325
Code Name Champlain
Package Socket ASB2
Technology 45nm
Specification AMD Athlon II Neo K325 Dual-Core Processor
Family F
Extended Family 10
Model 6
Extended Model 6
Stepping 3
Revision DA-C3
Instructions MMX (+), 3DNow! (+), SSE, SSE2, SSE3, SSE4A, AMD 64, NX, VMX
Virtualization Supported, Disabled
Hyperthreading Not supported
Rated Bus Speed 997.4 MHz
Stock Core Speed 1300 MHz
Stock Bus Speed 200 MHz
Average Temperature 63 °C
Caches
L1 Data Cache Size 2 x 64 KBytes
L1 Instructions Cache Size 2 x 64 KBytes
L2 Unified Cache Size 2 x 1024 KBytes
Cores
Core 0
Core Speed 798.0 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 997.4 MHz
Temperature 63 °C
Threads APIC ID: 0
Core 1
Core Speed 798.0 MHz
Multiplier x 4.0
Bus Speed 199.5 MHz
Rated Bus Speed 997.4 MHz
Temperature 63 °C
Threads APIC ID: 1
RAM
Memory slots
Total memory slots 2
Used memory slots 2
Free memory slots 0
Memory
Type DDR3
Size 4096 MBytes
Channels # Dual
DRAM Frequency 399.0 MHz
CAS# Latency (CL) 6 clocks
RAS# to CAS# Delay (tRCD) 6 clocks
RAS# Precharge (tRP) 6 clocks
Cycle Time (tRAS) 15 clocks
Bank Cycle Time (tRC) 20 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 67 %
Total Physical 3.75 GB
Available Physical 1.23 GB
Total Virtual 7.49 GB
Available Virtual 4.27 GB
SPD
Number Of SPD Modules 2
Slot #1
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number KF073F-ELD
Serial Number 1278674028
Week/year 39 / 10
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5,0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1,500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6,0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1,500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7,0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1,500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8,0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 31
Voltage 1,500 V
JEDEC #5
Frequency 666.7 MHz
CAS# Latency 9,0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1,500 V
Slot #2
Type DDR3
Size 2048 MBytes
Manufacturer Kingston
Max Bandwidth PC3-10700 (667 MHz)
Part Number KF073F-ELD
Serial Number 1295504747
Week/year 39 / 10
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5,0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1,500 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6,0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 17
tRC 23
Voltage 1,500 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7,0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 20
tRC 27
Voltage 1,500 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8,0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 31
Voltage 1,500 V
JEDEC #5
Frequency 666.7 MHz
CAS# Latency 9,0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1,500 V
Motherboard
Manufacturer Dell Inc.
Version A05
Chipset Vendor AMD
Chipset Model 785GX
Chipset Revision 00
Southbridge Vendor AMD
Southbridge Model SB850
Southbridge Revision 40
System Temperature 63 °C
BIOS
Brand Dell Inc.
Version A05
Date 19. 4. 2011
PCI Data
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation MINI PCI1
Characteristics 5V, 3.3V, PME
Slot Number 0
Slot PCI
Slot Type PCI
Slot Usage Available
Bus Width 32 bit
Slot Designation MINI PCI2
Characteristics 5V, 3.3V, PME
Slot Number 1
Graphics
Monitor
Name Generic PnP Monitor on ATI Mobility Radeon HD 4225
Current Resolution 1366x768 pixels
Work Resolution 1366x728 pixels
State Enabled, Primary
Monitor Width 1366
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
ATI Mobility Radeon HD 4225
Manufacturer ATI
Model Mobility Radeon HD 4225
GPU RS880M
Device ID 1002-9712
Subvendor Dell (1028)
Current Performance Level Level 0
Die Size 73 mm2
Release Date Sep 10, 2009
DirectX Support 10.1
DirectX Shader Model 4.1
OpenGL Support 3.3
GPU Clock 380,0 MHz
Driver version 8.712.0.0
ROPs 4
Shaders 40 unified
Pixel Fillrate 1,5 GPixels/s
Count of performance levels : 2
Level 1 - "Perf Level 0"
Level 2 - "Perf Level 1"
Storage
Hard drives
ST9500420AS ATA Device
Manufacturer Seagate
Form Factor 2.5"
Cache Size 16MB
Heads 16
Cylinders 60 801
Tracks 15 504 255
Sectors 976 768 065
SATA type SATA-II 3.0Gb/s
Device type Fixed
ATA Standard ATA8-ACS
Serial Number 5VJ9EP65
Firmware Version Number D005SDM1
LBA Size 48-bit LBA
Power On Count 3915 times
Power On Time 321,5 days
Speed 7200 RPM
Features S.M.A.R.T., APM, AAM, NCQ
Max. Transfer Mode SATA II 3.0Gb/s
Used Transfer Mode SATA II 3.0Gb/s
Interface SATA
Capacity 465 GB
Real size 500 107 862 016 bytes
RAID Type None
S.M.A.R.T
Status Warning
Temperature 40 °C
Temperature Range OK (less than 50 °C)
S.M.A.R.T attributes
01
Attribute name Read Error Rate
Real value 0
Current 105
Worst 78
Threshold 6
Raw Value 0000991881
Status Good
03
Attribute name Spin-Up Time
Real value 0 ms
Current 100
Worst 100
Threshold 85
Raw Value 0000000000
Status Good
04
Attribute name Start/Stop Count
Real value 3 926
Current 97
Worst 97
Threshold 20
Raw Value 0000000F56
Status Good
05
Attribute name Reallocated Sectors Count
Real value 355
Current 83
Worst 83
Threshold 36
Raw Value 0000000163
Status Good
07
Attribute name Seek Error Rate
Real value 0
Current 68
Worst 60
Threshold 30
Raw Value 001C27D852
Status Good
09
Attribute name Power-On Hours (POH)
Real value 321d 12h
Current 92
Worst 92
Threshold 0
Raw Value 0000001E24
Status Good
0A
Attribute name Spin Retry Count
Real value 0
Current 100
Worst 100
Threshold 97
Raw Value 0000000000
Status Good
0C
Attribute name Device Power Cycle Count
Real value 3 915
Current 97
Worst 37
Threshold 20
Raw Value 0000000F4B
Status Good
B8
Attribute name End-to-End error / IOEDC
Real value 0
Current 100
Worst 100
Threshold 99
Raw Value 0000000000
Status Good
BB
Attribute name Reported Uncorrectable Errors
Real value 24 719
Current 1
Worst 1
Threshold 0
Raw Value 000000608F
Status Good
BC
Attribute name Command Timeout
Real value 12 885 102 132
Current 100
Worst 98
Threshold 0
Raw Value 0000030E34
Status Good
BD
Attribute name High Fly Writes (WDC)
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BE
Attribute name Airflow Temperature
Real value 39 °C
Current 61
Worst 36
Threshold 45
Raw Value 0027180027
Status Good
BF
Attribute name G-sense error rate
Real value 462
Current 100
Worst 100
Threshold 0
Raw Value 00000001CE
Status Good
C0
Attribute name Power-off Retract Count
Real value 58
Current 100
Worst 100
Threshold 0
Raw Value 000000003A
Status Good
C1
Attribute name Load/Unload Cycle Count
Real value 16 087
Current 92
Worst 92
Threshold 0
Raw Value 0000003ED7
Status Good
C2
Attribute name Temperature
Real value 39 °C
Current 39
Worst 64
Threshold 0
Raw Value 0000000027
Status Good
C3
Attribute name Hardware ECC Recovered
Real value 0
Current 48
Worst 38
Threshold 0
Raw Value 0000991881
Status Good
C5
Attribute name Current Pending Sector Count
Real value 116
Current 100
Worst 100
Threshold 0
Raw Value 0000000074
Status Good
C6
Attribute name Uncorrectable Sector Count
Real value 116
Current 100
Worst 100
Threshold 0
Raw Value 0000000074
Status Good
C7
Attribute name UltraDMA CRC Error Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
F0
Attribute name Head Flying Hours
Real value 408d 20h
Current 100
Worst 253
Threshold 0
Raw Value 0000002654
Status Good
F1
Attribute name Total LBAs Written
Real value 3 335 718 164
Current 100
Worst 253
Threshold 0
Raw Value 00C6D30514
Status Good
F2
Attribute name Total LBAs Read
Real value 3 487 707 464
Current 100
Worst 253
Threshold 0
Raw Value 00CFE23148
Status Good
FE
Attribute name Free Fall Protection
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
Partition 0
Partition ID Disk #0, Partition #0
File System NTFS
Volume Serial Number 1A04DD83
Size 99 MB
Used Space 38,5 MB (38%)
Free Space 61 MB (62%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number F21E2AA5
Size 465 GB
Used Space 381 GB (81%)
Free Space 84 GB (19%)
Optical Drives
ELBY CLONEDRIVE SCSI CdRom Device
Media Type BD Reader
Name ELBY CLONEDRIVE SCSI CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-RAM, DVD-ROM, DVD-R, HD DVD-ROM, BD-R, BD-ROM, BD-RE
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 0
SCSI Logical Unit 0
SCSI Port 2
SCSI Target Id 0
Status OK
DTSOFT Virtual CdRom Device
Media Type BD Reader
Name DTSOFT Virtual CdRom Device
Availability Running/Full Power
Capabilities Random Access, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-ROM, DVD-R, DVD+R, DVD+RW, DVD-R DL, DVD-RW DL, DVD+R DL, DVD+RW DL, BD-R, BD-ROM, BD-RE
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive D:
Media Loaded FALSE
Status OK
Audio
Sound Cards
IDT High Definition Audio CODEC
ATI High Definition Audio Device
Playback Devices
Speakers / Headphones (IDT High Definition Audio CODEC) (default)
Independent (R.T.C.) Headphones (IDT High Definition Audio CODEC)
Recording Devices
Microphone / Line In (IDT High Definition Audio CODEC) (default)
Stereo Mix (IDT High Definition Audio CODEC)
Internal Mic (IDT High Definition Audio CODEC)
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor (Standard keyboards)
Location plugged into keyboard port
Driver
Date 6-21-2006
Version 6.1.7601.17514
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\kbdclass.sys
PS/2 Compatible Mouse
Device Kind Mouse
Device Name PS/2 Compatible Mouse
Vendor Microsoft
Location plugged into PS/2 mouse port
Driver
Date 6-21-2006
Version 6.1.7600.16385
File C:\Windows\system32\DRIVERS\i8042prt.sys
File C:\Windows\system32\DRIVERS\mouclass.sys
Canon MF8000C Series
Device Kind Camera/scanner
Device Name Canon MF8000C Series
Vendor Canon
Driver
Date 5-16-2011
Version 11.3.0.0
File C:\Windows\system32\CNCC8000C.DLL
File C:\Windows\system32\CNCI8000C.DLL
File C:\Windows\system32\CNCL8000C.DLL
File C:\Windows\system32\CNCE8000C.DLL
File C:\Windows\twain_32\MF8000C\CISDS.DS
File C:\Windows\twain_32\MF8000C\SGUI.DLL
File C:\Windows\twain_32\MF8000C\SGUI_RES.DLL
File C:\Windows\twain_32\MF8000C\WIARES.DLL
File C:\Windows\twain_32\MF8000C\IOP.DLL
File C:\Windows\twain_32\MF8000C\ITLIB32.DLL
File C:\Windows\twain_32\MF8000C\SCANINTF.DLL
File C:\Windows\twain_32\MF8000C\TPM.DLL
File C:\Windows\twain_32\MF8000C\CNCFR14.DAT
File C:\Windows\twain_32\MF8000C\MC2.TXT
File C:\Windows\twain_32\MF8000C\JDA_CIMG.DLL
File C:\Windows\twain_32\MF8000C\NBS4MB.DLL
File C:\Windows\twain_32\MF8000C\NBSCOR4M.DLL
File C:\Windows\twain_32\MF8000C\RMSLANTC.DLL
File C:\Windows\twain_32\MF8000C\RSTCOL.DLL
File C:\Windows\twain_32\MF8000C\SGCFLTR.dll
File C:\Windows\twain_32\MF8000C\SGCFLTR6.dll
File C:\Windows\system32\spool\drivers\Color\CNZ005.ICC
File C:\Windows\system32\spool\drivers\Color\CNFR14.ICC
File C:\Windows\system32\CNCMFP42.INI
File C:\Windows\system32\CNCLSI42a.DLL
File C:\Windows\system32\CNCLSD42a.DLL
File C:\Windows\system32\CNCLSC42a.DLL
File C:\Windows\system32\CNCLST42a.DLL
File C:\Windows\system32\CNCLSU42a.DLL
File C:\Windows\media\CSSAMP1.MID
File C:\Windows\system32\drivers\usbscan.sys
File C:\Windows\system32\CNCLSO42a.dll
Photosmart C4700 series
Device Kind Camera/scanner
Device Name Photosmart C4700 series
Vendor HP
Location ip:192.168.0.22,subnet:192.168.0.0/24
Driver
Date 12-10-2008
Version 8.0.0.0
File C:\Windows\system32\drivers\serscan.sys
USB Video Device
Device Kind Camera/scanner
Device Name USB Video Device
Vendor Microdia
Comment Integrated Webcam
Location USB Composite Device
Driver
Date 6-21-2006
Version 6.1.7601.18208
File C:\Windows\system32\drivers\usbvideo.sys
Printers
Brother DCP-7065DN Printer
Printer Port USB004
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status The printer is being deleted
Driver
Driver Name Brother DCP-7065DN Printer (v1.09)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\BROHLB0A.DLL
Bullzip PDF Printer
Printer Port BULLZIP
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Bullzip PDF Printer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
HP LaserJet 1020 (Sulek)
Printer Port USB001
Print Processor ZIMFPrint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet 1020 (v6.01)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\ZIMFDRV.DLL
HP Photosmart C4600 series (Default Printer)
Printer Port 192.168.0.12
Print Processor hpfppw73
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status The printer is offline
Driver
Driver Name HP Photosmart C4600 series (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Microsoft XPS Document Writer
Printer Port XPSPort:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer (v6.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\mxdwdrv.dll
Nitro PDF Creator (Pro 8)
Printer Port Nitro PDF Port:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 4294967292 dpi Color
Status Unknown
Driver
Driver Name Nitro PDF Driver 8 (v5.00)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\NitroGraphics8.dll
SM BA_HP LaserJet Professional P1102w
Printer Port IP_192.168.0.24
Print Processor HP1100PrintProc
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Monochrome
Status Unknown
Driver
Driver Name HP LaserJet Professional P1102w (v0.03)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\hp1100sd.dll
SM BB_Canon MF8000C
Printer Port CNMFNP_8887170F233B
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Canon MF8000C Series UFRII LT (v4.37)
Driver Path C:\Windows\system32\spool\DRIVERS\x64\3\CNLB0M_D31BD.DLL
Network
You are connected to the internet
Connected through DW1501 Wireless-N WLAN Half-Mini Card
IP Address 192.168.0.15
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
Preferred DNS server 192.168.0.1
DHCP Enabled
DHCP server 192.168.0.1
External IP Address 85.216.229.69
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Mixed node
Link Speed 8.7 KBps
Computer Name
NetBIOS Name PETERSULEK
DNS Name PeterSulek
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain PETERSULEK
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 13
Wi-Fi (328461ase908x33)
SSID 328461ase908x33
Frequency 2447000 kHz
Channel Number 8
Name 328461ase908x33
Signal Strength/Quality 30
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
Wi-Fi (ADB-F4C981)
SSID ADB-F4C981
Frequency 2412000 kHz
Channel Number 1
Name ADB-F4C981
Signal Strength/Quality 81
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Doma)
SSID Doma
Frequency 2462000 kHz
Channel Number 11
Name Doma
Signal Strength/Quality 24
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network WEP cipher algorithm with a cipher key of any length
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (Fischer AP)
SSID Fischer AP
Frequency 2427000 kHz
Channel Number 4
Name Fischer AP
Signal Strength/Quality 0
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (MD1)
SSID MD1
Frequency 2417000 kHz
Channel Number 2
Name MD1
Signal Strength/Quality 4
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (MMM)
SSID MMM
Frequency 2462000 kHz
Channel Number 11
Name MMM
Signal Strength/Quality 14
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (OR PZ BB )
SSID OR PZ BB
Frequency 2472000 kHz
Channel Number 13
Name OR PZ BB
Signal Strength/Quality 6
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Petran)
SSID Petran
Frequency 2412000 kHz
Channel Number 1
Name Petran
Signal Strength/Quality 38
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (UPC Wi-Free)
SSID UPC Wi-Free
Frequency 2462000 kHz
Channel Number 11
Name UPC Wi-Free
Signal Strength/Quality 88
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i Robust Security Network Association (RSNA) algorithm (WPA2 is one such algorithm)
Wi-Fi (UPC2422732)
SSID UPC2422732
Frequency 2462000 kHz
Channel Number 11
Name UPC2422732
Signal Strength/Quality 84
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (UPC6052313)
SSID UPC6052313
Frequency 2412000 kHz
Channel Number 1
Name UPC6052313
Signal Strength/Quality 32
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (babi)
SSID babi
Frequency 2437000 kHz
Channel Number 6
Name babi
Signal Strength/Quality 26
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network Temporal Key Integrity Protocol (TKIP) algorithm
Default Auth used to join this network for the first time WPA algorithm that uses preshared keys (PSK)
Wi-Fi (wifi-network)
SSID wifi-network
Frequency 2412000 kHz
Channel Number 1
Name wifi-network
Signal Strength/Quality 6
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60 000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30 000
IEProxy Auto Detect No
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Disabled
File and Printer Sharing Disabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Enabled
DW1501 Wireless-N WLAN Half-Mini Card
Connection-specific DNS Suffix local
Connection Name Wireless Network Connection
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address C0-CB-38-5C-2A-00
IP Address 192.168.0.15
Subnet mask 255.255.255.0
Gateway server 192.168.0.1
DHCP 192.168.0.1
DNS Server 192.168.0.1
Microsoft Virtual WiFi Miniport Adapter
Connection Name Wireless Network Connection 2
DHCP enabled Yes
MAC Address C0-CB-38-5C-2A-00
Realtek PCIe FE Family Controller
Connection Name Local Area Connection
DHCP enabled Yes
MAC Address 84-2B-2B-82-13-A6
Network Shares
No network shares
Current TCP Connections
AppleMobileDeviceService.exe (1752)
Local 127.0.0.1:49156 ESTABLISHED Remote 127.0.0.1:5354 (Querying... )
Local 127.0.0.1:27015 LISTEN
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (7140)
Local 192.168.0.15:51959 ESTABLISHED Remote 31.13.93.36:443 (Querying... ) (HTTPS)
Local 192.168.0.15:51965 ESTABLISHED Remote 199.16.156.201:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52091 ESTABLISHED Remote 173.194.112.72:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52101 ESTABLISHED Remote 172.217.18.168:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52102 ESTABLISHED Remote 104.87.24.71:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52108 ESTABLISHED Remote 31.13.93.3:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52117 ESTABLISHED Remote 185.31.17.64:80 (Querying... ) (HTTP)
Local 192.168.0.15:52118 ESTABLISHED Remote 185.31.17.64:80 (Querying... ) (HTTP)
Local 192.168.0.15:52119 ESTABLISHED Remote 31.13.84.4:443 (Querying... ) (HTTPS)
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (4616)
Local 192.168.0.15:51706 ESTABLISHED Remote 37.9.175.26:143 (Querying... ) (IMAP mail protocol)
Local 127.0.0.1:49876 ESTABLISHED Remote 127.0.0.1:49875 (Querying... )
Local 127.0.0.1:49875 ESTABLISHED Remote 127.0.0.1:49876 (Querying... )
C:\Program Files (x86)\Skype\Phone\Skype.exe (4068)
Local 0.0.0.0:443 (HTTPS) LISTEN
Local 0.0.0.0:80 (HTTP) LISTEN
Local 0.0.0.0:49586 LISTEN
Local 192.168.0.15:51699 ESTABLISHED Remote 104.209.181.217:443 (Querying... ) (HTTPS)
Local 192.168.0.15:51708 ESTABLISHED Remote 64.4.47.28:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52008 ESTABLISHED Remote 65.55.164.215:443 (Querying... ) (HTTPS)
Local 192.168.0.15:51693 ESTABLISHED Remote 157.55.235.173:40004 (Querying... )
Local 192.168.0.15:51698 ESTABLISHED Remote 91.190.218.62:12350 (Querying... )
lsass.exe (576)
Local 0.0.0.0:49154 LISTEN
mDNSResponder.exe (1804)
Local 127.0.0.1:5354 LISTEN
Local 127.0.0.1:5354 ESTABLISHED Remote 127.0.0.1:49156 (Querying... )
services.exe (556)
Local 0.0.0.0:49157 LISTEN
spoolsv.exe (1536)
Local 0.0.0.0:47546 LISTEN
svchost.exe (240)
Local 0.0.0.0:49155 LISTEN
svchost.exe (804)
Local 0.0.0.0:135 (DCE) LISTEN
svchost.exe (932)
Local 0.0.0.0:49153 LISTEN
SynoDrServicex64.exe (2188)
Local 127.0.0.1:9701 LISTEN
System Process
Local 192.168.0.15:52090 TIME-WAIT Remote 198.41.209.150:443 (Querying... ) (HTTPS)
Local 192.168.0.15:52110 TIME-WAIT Remote 46.47.92.113:22417 (Querying... )
Local 192.168.0.15:52046 TIME-WAIT Remote 185.31.17.68:80 (Querying... ) (HTTP)
Local 192.168.0.15:52036 TIME-WAIT Remote 23.235.37.196:80 (Querying... ) (HTTP)
Local 192.168.0.15:52030 TIME-WAIT Remote 104.83.4.144:80 (Querying... ) (HTTP)
Local 192.168.0.15:52112 TIME-WAIT Remote 23.97.169.223:50007 (Querying... )
Local 192.168.0.15:52111 TIME-WAIT Remote 88.80.98.111:6694 (Querying... )
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:26143 LISTEN
Local 192.168.0.15:139 (NetBIOS session service) LISTEN
wininit.exe (492)
Local 0.0.0.0:49152 LISTEN
Generated with Speccy v1.29.714

  • 0

#4
moose35

moose35

    Member

  • Topic Starter
  • Member
  • PipPip
  • 27 posts

And here's the second one:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
svchost.exe 38.95 120 244 K 86 340 K 240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
vlc.exe 14.14 40 932 K 36 384 K 3244 VLC media player 2.1.0 VideoLAN (No signature was present in the subject) VideoLAN
System Idle Process 11.60 0 K 24 K 0
audiodg.exe 9.58 23 380 K 19 032 K 1052 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 9.53 26 612 K 46 960 K 5472 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
thunderbird.exe 3.40 175 176 K 133 532 K 4616 Thunderbird Mozilla Corporation (Verified) Mozilla Corporation
CCC.exe 2.72 57 552 K 9 204 K 3448 Catalyst Control Centre: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
Skype.exe 2.48 149 620 K 99 968 K 4068 Skype Skype Technologies S.A. (Verified) Skype Software Sarl
dwm.exe 2.14 33 644 K 37 160 K 3536 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
System 1.18 140 K 1 076 K 4
Interrupts 1.13 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 0.89 2 912 K 32 708 K 512 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.74 85 016 K 119 028 K 5280 Google Chrome Google Inc. (Verified) Google Inc
taskmgr.exe 0.36 3 880 K 7 544 K 1732 Windows Task Manager Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.25 23 384 K 13 876 K 932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.13 73 088 K 108 364 K 7140 Google Chrome Google Inc. (Verified) Google Inc
BCMWLTRY.EXE 0.12 44 032 K 18 924 K 1464 DW WLAN Card Wireless Network Controller Dell Inc. (No signature was present in the subject) Dell Inc.
explorer.exe 0.11 59 444 K 49 564 K 3544 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
flux.exe 0.08 33 936 K 11 668 K 3984 f.lux Flux Software LLC (Verified) Michael Herf
svchost.exe 0.06 126 460 K 120 132 K 964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
WLTRAY.EXE 0.06 39 880 K 21 164 K 3892 DW WLAN Card Wireless Network Tray Applet Dell Inc. (No signature was present in the subject) Dell Inc.
WmiApSrv.exe 0.05 1 876 K 6 004 K 4100 WMI Performance Reverse Adapter Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.05 128 872 K 141 612 K 2896 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 0.05 57 680 K 57 188 K 5672 Google Chrome Google Inc. (Verified) Google Inc
MOM.exe 0.03 39 092 K 2 076 K 3388 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
svchost.exe 0.02 3 780 K 5 396 K 3844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
CNMFSUT6.EXE 0.02 2 084 K 4 144 K 3900 Canon MF Network Scan Utility 64bit CANON INC. (Verified) CANON INC.
services.exe 0.02 5 380 K 7 380 K 556 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 0.01 22 752 K 27 356 K 1392 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
ekrn.exe 0.01 128 708 K 99 020 K 1920 ESET Service ESET (Verified) ESET
egui.exe 0.01 5 248 K 8 460 K 3912 ESET Main GUI ESET (Verified) ESET
AppleMobileDeviceService.exe 0.01 3 072 K 4 692 K 1752 MobileDeviceService Apple Inc. (Verified) Apple Inc.
taskhost.exe 0.01 13 324 K 9 272 K 816 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2 324 K 3 084 K 432 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe < 0.01 39 536 K 20 896 K 3340 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
WLIDSVC.EXE < 0.01 6 900 K 7 692 K 2380 Microsoft® Windows Live ID Service Microsoft Corp. (Verified) Microsoft Corporation
lsass.exe < 0.01 5 660 K 8 796 K 576 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 16 572 K 13 512 K 1304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 3 808 K 4 936 K 4492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SynoDrServicex64.exe < 0.01 1 920 K 2 284 K 2188 SynoDrService Application (Verified) Synology Inc.
wmpnetwk.exe < 0.01 7 616 K 10 764 K 4224 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe < 0.01 1 776 K 3 276 K 1472 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
notepad.exe < 0.01 1 940 K 4 684 K 3308 Notepad Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 130 960 K 21 348 K 2328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
stacsv64.exe < 0.01 6 584 K 4 776 K 440 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
spoolsv.exe < 0.01 12 348 K 10 128 K 1536 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe < 0.01 1 492 K 2 348 K 852 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe < 0.01 2 092 K 4 128 K 2144 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
WLTRYSVC.EXE 1 188 K 1 624 K 1440 DW WLAN Card Wireless Network Service Dell Inc. (No signature was present in the subject) Dell Inc.
WLIDSVCM.EXE 1 212 K 1 612 K 2672 Microsoft® Windows Live ID Service Monitor Microsoft Corp. (Verified) Microsoft Corporation
winlogon.exe 2 740 K 4 476 K 600 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1 460 K 1 984 K 492 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
VCDDaemon.exe 1 424 K 3 300 K 3700 Virtual CloneDrive Daemon Elaborate Bytes AG (Verified) Elaborate Bytes AG
UsbClientService.exe 1 952 K 3 240 K 2280 (Verified) Synology Inc.
Updater.exe 2 556 K 5 580 K 2248 Updater Company (No signature was present in the subject) Company
UninstallMonitor.exe 8 208 K 4 792 K 4704 IObit (Verified) IObit Information Technology
TrustedInstaller.exe 43 812 K 23 248 K 1220 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1 640 K 5 104 K 4332 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6 056 K 7 628 K 804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12 896 K 12 648 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 10 116 K 13 260 K 1004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4 616 K 6 392 K 724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 12 216 K 6 380 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2 428 K 4 244 K 280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2 196 K 6 380 K 6972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
sttray64.exe 7 004 K 6 272 K 3920 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
sppsvc.exe 7 840 K 6 848 K 2120 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
smss.exe 448 K 1 048 K 272 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
SkypeC2CPNRSvc.exe 1 860 K 2 524 K 1864 Phone Number Recognition (PNR) module Microsoft Corporation (Verified) Skype Software Sarl
SkypeC2CAutoUpdateSvc.exe 1 396 K 2 088 K 1836 Updates Skype Click to Call Microsoft Corporation (Verified) Skype Software Sarl
procexp.exe 2 572 K 7 120 K 5060 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
ouc.exe 2 024 K 2 828 K 1332 (Verified) Huawei Technologies Co.
NitroPDFDriverService8x64.exe 1 192 K 1 760 K 1852 Nitro PDF Spool Service Nitro PDF Software (Verified) Nitro PDF Software
mscorsvw.exe 5 164 K 7 852 K 2632 .NET Runtime Optimization Service Microsoft Corporation (Verified) Microsoft Corporation
mDNSResponder.exe 2 392 K 3 872 K 1804 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 2 732 K 3 308 K 616 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 76 216 K 76 852 K 6056 Google Chrome Google Inc. (Verified) Google Inc
HWDeviceService64.exe 1 896 K 2 608 K 2016 DCSHOST (Verified) Huawei Technologies Co.
HPSIsvc.exe 1 620 K 2 600 K 1996 HP Smart-Install Service HP (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe 1 472 K 656 K 3112 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe 1 428 K 528 K 3384 Google Crash Handler Google Inc. (Verified) Google Inc
dllhost.exe 1 436 K 2 972 K 5100 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DCSHelper.exe 1 592 K 3 908 K 3584 DataCardMonitor MFC Application Huawei Technologies Co., Ltd. (Verified) Huawei Technologies Co.
conhost.exe 876 K 1 436 K 1488 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
AESTSr64.exe 1 008 K 1 376 K 1720 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher

  • 0

#5
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,025 posts
  • MVP

Appears to be the usual problems.  The laptop is probably overheating when it gets busy.  Right now it's at 63 C.  

 

Try speedfan
 
Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it.
 
It will tell you your temps in real time.  Leave it running and watch a video or run a scan and see if the temps don't go way up.
This is usually caused by dust build up on the heatsink.  Some laptops you can get to the fan and remove it, clean the heatsink with a vacuum cleaner hose, put it back together and your done.  Others like HP require major surgery. 
 
Also your hard drive is dying.  It's a Seagate so that's not surprising.  They just don't hold up very well.  Following values are cause for concern even tho they have status Good.  I especially do not like the Command Timeout    This has to lead to major delays when the hard drive has to keep saying huh? to the CPU.
 
01
Attribute name Read Error Rate
Real value 0
Current 105
Worst 78
Threshold 6
Raw Value 0000991881
Status Good
...
05
Attribute name Reallocated Sectors Count
Real value 355
Current 83
Worst 83
Threshold 36
Raw Value 0000000163
Status Good
07
Attribute name Seek Error Rate
Real value 0
Current 68
Worst 60
Threshold 30
Raw Value 001C27D852
Status Good
...
BB
Attribute name Reported Uncorrectable Errors
Real value 24 719
Current 1
Worst 1
Threshold 0
Raw Value 000000608F
Status Good
BC
Attribute name Command Timeout
Real value 12 885 102 132
Current 100
Worst 98
Threshold 0
Raw Value 0000030E34
Status Good
...
C3
Attribute name Hardware ECC Recovered
Real value 0
Current 48
Worst 38
Threshold 0
Raw Value 0000991881
Status Good
C5
Attribute name Current Pending Sector Count
Real value 116
Current 100
Worst 100
Threshold 0
Raw Value 0000000074
Status Good
C6
Attribute name Uncorrectable Sector Count
Real value 116
Current 100
Worst 100
Threshold 0
Raw Value 0000000074
Status Good
C7
 
I would clone the drive as soon as possible.  I recommend a Western Digital Black if you plan to keep the PC for a while.  Otherwise any 500 GB SATA II/III 2.5 inch drive will work.  Seagate does make a program to test the hard drive
Seatools for Windows
but odds are it will take one look at the reallocated sectors and just tell you the drive is toast.  
 
Your Process Explorer is also pretty ugly.  Hit the space bar to keep it from jumping around then hover over the top svchosts.exe.  It will tell you what services are riding on it.  If you see Windows Update then right cliock on Computer and select Manage then Services and Applications then Services.  Find Windows Update and right click it and select Properties.  Stop the service.  
 
Close VLC.
 
Go back to Process Explorer and (click on space bar to start it up again) and  make a new log and post it.
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP