Razer0807 utworzono 4 października 2014 utworzono 4 października 2014 Witam, jak w temacie, event log zaśmiecony błędami, oraz komputer się zawiesza podczas przeglądania stron, gdy np otworzę nową karte, strona na niej się nie ładuje, gdy w tym czasię spróbuje przełączyć się na inny program, komputer zawiesza się na kilkadziesiąt sekund, podczas pisania tego tematu dodatkowo dostałem bsoda(nie będzie go w logach), co odkąd odesłania jednej kości do serwisu się nie działo. bsod którego dostałem podczas pisania tematu rozpoczał się w event viewerze od: [log] Log Name: System Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv Date: 2014-10-05 00:45:34 Event ID: 10 Task Category: Driver Level: Error Keywords: User: SYSTEM Computer: GusmasPC Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001C Param3: 0x900000006 Param4: 0x0 Status: 0x1 Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-EnhancedStorage-EhStorTcgDrv" Guid="{AA3AA23B-BB6D-425A-B58C-1D7E37F5D02A}" /> <EventID>10</EventID> <Version>0</Version> <Level>2</Level> <Task>1</Task> <Opcode>57</Opcode> <Keywords>0x8000000000000000</Keywords> <TimeCreated SystemTime="2014-10-04T22:45:34.629500700Z" /> <EventRecordID>5031</EventRecordID> <Correlation /> <Execution ProcessID="4" ThreadID="8" /> <Channel>System</Channel> <Computer>GusmasPC</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="Description">AuthenticateSession</Data> <Data Name="Param1">0x1</Data> <Data Name="Param2">0x60000001c</Data> <Data Name="Param3">0x900000006</Data> <Data Name="Param4">0x0</Data> <Data Name="CmdStatus">0x1</Data> </EventData> </Event> [/log] [attachment=34486:OTL.Txt] Extras [log]OTL Extras logfile created on: 2014-10-05 00:25:01 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = E:\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.17278) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 3,96 Gb Total Physical Memory | 1,36 Gb Available Physical Memory | 34,47% Memory free 7,96 Gb Paging File | 4,69 Gb Available in Paging File | 58,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 111,79 Gb Total Space | 40,86 Gb Free Space | 36,55% Space Free | Partition Type: NTFS Drive E: | 465,41 Gb Total Space | 436,46 Gb Free Space | 93,78% Space Free | Partition Type: NTFS Drive F: | 3,74 Gb Total Space | 3,74 Gb Free Space | 99,99% Space Free | Partition Type: FAT32 Computer Name: GUSMASPC | User Name: Jan | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade] "UpgradeTime" = Reg Error: Unknown registry data type -- File not found ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0CCA3764-308B-4685-9483-EAA8EE82196F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{1BE410B4-16EC-4F40-887E-7C80379357DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{21D79BBA-3F57-4FB7-9DCC-698ED1D87450}" = lport=2869 | protocol=6 | dir=in | app=system | "{29D9FBE0-2C9B-430B-BCA8-1A4A3DB2D80C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{39969883-0F52-4A38-B345-7CBF61062E59}" = lport=137 | protocol=17 | dir=in | app=system | "{3B0DADB7-49A2-4A54-88D0-96CD34585985}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{41FB0C9E-0031-4280-81AD-F0B85539FC7D}" = rport=10243 | protocol=6 | dir=out | app=system | "{53B15978-7155-4FC8-894B-875CA4CC47FD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5F65C9F6-5476-4A77-BF8B-506903454B53}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7EBE4F7D-6F3D-481C-93C4-CC88B6C4C77A}" = lport=139 | protocol=6 | dir=in | app=system | "{84810251-2B17-43E4-BF59-DE80FD2F5394}" = lport=10243 | protocol=6 | dir=in | app=system | "{85C8D4DF-58E3-4895-A39E-511EA65A4B0F}" = rport=445 | protocol=6 | dir=out | app=system | "{8B944409-E949-4044-A33F-C13CC176EAE7}" = lport=138 | protocol=17 | dir=in | app=system | "{CE52A654-5973-4E38-8072-B33541178759}" = rport=137 | protocol=17 | dir=out | app=system | "{D23F5708-EB33-4713-B8F1-F690FCEBD77E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D7DFE624-036F-4158-800B-1423419A7D42}" = lport=445 | protocol=6 | dir=in | app=system | "{E142F4B7-7F1A-43C7-B2F6-EC7B9475C827}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{EB768A97-E77F-4951-A7D3-07BC0A4EE1E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F11D9E8E-B762-47CE-87BA-E57B2FB9F685}" = rport=139 | protocol=6 | dir=out | app=system | "{F45C2E15-0217-42B5-90F6-62EDC4A18BF7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F4BC520E-4182-44F6-BCDF-A4F1EECFB97E}" = rport=138 | protocol=17 | dir=out | app=system | "{FBB6C8A0-0FCD-4BFA-B797-D50B01C29DCF}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | "{FF4E9D36-0EB6-477E-8AE2-6F6955A9A785}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{041FCB79-D343-416E-BEEF-5273B40916CE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{05EE371A-86DA-4122-95A3-6404C6A56839}" = dir=in | app=c:\users\jan\appdata\local\temp\7zs78a4\setup\hpznui40.exe | "{0D91C12B-3614-4E2B-84FF-754BF0DED03B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{10D6207F-0E29-4514-946D-DE15491F3FD6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{1104EA1A-8E84-49E1-B6A6-EFC60E774F38}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{13B0C9E7-0BC9-4C3C-A9C1-4E396D1194F1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{145CE32E-78FB-42B9-BE78-E93B24B11EA6}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} | "{158E155A-FEE4-43D6-A626-59601B4A5122}" = dir=out | name=@{microsoft.bingsports_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} | "{165775BB-608B-431C-8237-8BA0AF1846CA}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\arma 3\arma3launcher.exe | "{1668CAA8-C834-460D-919D-982FD5481A44}" = protocol=6 | dir=in | app=c:\users\jan\appdata\roaming\bittorrent\bittorrent.exe | "{19A08BF9-89DB-4C88-B418-8D54771348A1}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} | "{1B01D085-3DF4-4ABF-BFCC-D1E54E444D72}" = protocol=17 | dir=in | app=c:\users\jan\appdata\roaming\bittorrent\bittorrent.exe | "{1BAA3D5D-2706-46B2-8D10-65765C98D7BB}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} | "{2186F8FE-A05D-46BB-AC3E-055D387DA712}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} | "{220F8B72-41F3-4B39-A5CE-83EBCE9A422D}" = protocol=6 | dir=in | app=e:\steamlibrary\steamapps\common\arma 3\arma3.exe | "{2335EB53-5553-49ED-85BF-9FCF7FF90043}" = protocol=6 | dir=out | app=system | "{2349E075-6835-4A08-B021-8977D801273F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{2444C611-5A74-4D81-A400-296DD8C965D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{26658A8A-95DF-4089-90D0-F557D2030485}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{28534BBE-CCB8-4B54-9C89-DC132810D325}" = dir=out | name=@{microsoft.zunemusic_2.6.320.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | "{31457CCD-44D9-462E-AFB3-CBCD15AFAEAB}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{328EF278-45E1-45C7-BECB-76170FE847D5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{3681B458-2623-4BE4-B8F8-DA953F347476}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} | "{3AE2CDCC-A2D8-4F51-9AD0-F0E195368D3E}" = dir=in | name=hp all-in-one printer remote | "{3E37CD44-0118-478E-8F37-6FA0941AD51F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{3E888BDE-A64E-4C33-808D-9E70CF79958D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{416503E1-1F71-4BE2-9320-016BD2C473F4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn | "{4440AAB1-0187-4DA7-A5F5-4E55C66818D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{4671D200-4609-4B08-875B-13CBA9174267}" = dir=out | name=@{microsoft.zunevideo_2.6.314.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | "{482ADFDB-8641-492B-A885-968B1AF19FAC}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{4B8DFD44-9C8C-4515-98DA-61500C654F4B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4E3EEA7D-A674-4341-932D-C5443C66442F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect | "{5C94CE02-F322-43C1-BADD-7D691948DCB3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect | "{693BE00E-49FF-4338-A23F-427113213A4A}" = dir=out | name=hp all-in-one printer remote | "{7000095B-813F-4015-A8DE-8F4E9420A48B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{7142AE5F-BEB2-486D-B18F-AC7A557698E3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{728DED98-0A82-4261-A38B-AC4CF029A9A1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{77625E6B-8DC5-4B58-9765-70823A15FF03}" = protocol=17 | dir=in | app=e:\steamlibrary\steamapps\common\arma 3\arma3.exe | "{7BEE759F-29E6-4ADE-ACF8-0BBBCACDEF5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7D6956D6-FEF1-46F1-AA7A-74E6086FE0DA}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{92C112AD-5C94-4379-9805-527EB14F2B6E}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} | "{964E1566-2062-47B3-B0F5-1E19F6E3F01B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{A2463DDF-26A4-4741-984A-259DAA5EEB45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{A303223C-8773-41B1-B62C-4C9259DE74CC}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{A594C7B0-1CBC-451A-972F-A186BF439F87}" = dir=in | name=skype | "{AE23F44F-56E2-4205-BF6A-6E32042AA366}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{B32C1350-8A4F-4C67-BCE0-96F34CE4D749}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{B62AFB5E-FF27-4FD2-B7D9-405616012BC3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B8F08445-9105-41CF-B0AF-150D0C713C6E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{BB1AF0F1-88A6-4873-B2BB-DA37C3F20C2C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{C1922631-9FA0-4F6D-B741-DEC208FAA3E5}" = dir=out | name=@{microsoft.bingweather_3.0.4.214_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} | "{C507E4B5-22D2-41CF-917C-524FE5EFE492}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{C512CA6F-20F2-43AF-A904-FC59CF9241B5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{CF4A7CC2-72DE-4BEF-BC92-D33A88F792F1}" = protocol=6 | dir=in | app=e:\steamlibrary\steamapps\common\arma 3\arma3launcher.exe | "{D0F2C708-CFCC-4521-852C-11936CC4F06B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{D252C1F4-5C35-4786-8F43-E40A5FCA5D6D}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{D2FF7E0E-259F-4F21-869D-5A0BD4345A95}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{D3A52036-5ECF-4CA0-A69C-452F10CACDA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe | "{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn | "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn | "{E3024AA3-8BE8-4354-BC4B-0DD6EE7F1E5E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe | "{E439CB73-23C5-425E-A032-3C6D5C0A070A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn | "{F141E222-44BF-41C9-9A8E-4B427F5AF397}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client | "{F68ED585-FBD6-46E3-BE0B-BB1FB37C6C8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client | "{F7D8A773-2A30-4CEE-AA62-277451EB29F8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{FB589339-BD08-4CF1-883C-F489A86FDB95}" = dir=out | name=windows_ie_ac_001 | "{FE495FD6-6A49-4C72-A05C-A2E2A7169FEB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{FFF85AB5-BF9A-4645-954B-06E09AD0C266}" = dir=out | name=skype | "TCP Query User{38805E2C-8CC2-4DBF-B4B0-7935889B294D}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "TCP Query User{B85034F0-A52F-47B8-87A5-B1976F05AAF4}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | "UDP Query User{49C8A883-0D72-497B-B6C5-9BB44AB3D7A1}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | "UDP Query User{D338E4FF-FB00-483D-808A-F83FEDB7730A}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0851BE65-294B-4BBA-8A0D-C1320DCBBCA3}" = AdAwareInstaller "{0C719EDD-2815-500E-2193-E5793926EB04}" = AMD Fuel "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{235E711E-20A7-4BF4-8913-B295343A4996}" = AvcEngine "{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 "{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}" = ccc-utility64 "{5A53DBA6-9B15-450F-EDF3-C01E12E9C61F}" = AMD Catalyst Install Manager "{5FC3AA31-66F9-0844-0B77-D51DAD5E1293}" = ccc-utility64 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{721A858C-9C26-4832-8958-CDAFFC596E3D}" = AntispamEngine "{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 "{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}" = Classic Shell "{877C7A27-7529-4B0C-BA7B-4D697E90DDC1}" = FirewallEngine "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 "{A8F67345-FA75-4E99-AEBA-DE9BFE708A49}" = OnlineThreatsEngine "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 "{C63184F3-8343-408F-A948-DDB0AC969A99}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 6 "{CAE09645-C59C-82E4-C676-73B7BD5EC34E}" = AMD Accelerated Video Transcoding "{CC347FC6-C8D7-493A-B70E-1D89E22691A7}" = AntimalwareEngine "{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}" = AdAwareUpdater "{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater" = Ad-Aware Antivirus "{E7ACB435-E0B4-4770-77DE-ED38887CD133}" = AMD Fuel "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "CCleaner" = CCleaner "CPUID HWMonitor_is1" = CPUID HWMonitor 1.25 "HitmanPro37" = HitmanPro 3.7 "HP Imaging Device Functions" = HP Imaging Device Functions 14.0 "HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0 "HPExtendedCapabilities" = HP Customer Participation Program 14.0 "Shop for HP Supplies" = Shop for HP Supplies [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "$REGNAME" = Gaming Mouse "{01712CA4-357E-B173-896C-75F612318729}" = CCC Help Japanese "{01DEE6F4-E8AD-56B3-23CD-85CE71C08C57}" = CCC Help Danish "{0203374B-2FFF-346D-0CC3-CACA1E85AD2C}" = CCC Help Greek "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}" = CCC Help Turkish "{104DE091-6C4F-C5A9-F619-5D6C965A0296}" = CCC Help Chinese Traditional "{11074A02-0E73-7CD6-5A95-42B3EF438B7E}" = CCC Help Portuguese "{13309695-DDAB-4DAA-FE9A-EE3DCCDC8D19}" = CCC Help Czech "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 "{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks "{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 "{253B90F3-7907-FB4B-7A62-6DE51B7A905D}" = CCC Help Chinese Traditional "{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding "{285C9F30-3BF8-697B-BD1D-353435E94B78}" = CCC Help Hungarian "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{29967A7C-6E18-91CD-BBE4-9C09F401E950}" = CCC Help Italian "{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 "{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 "{3FDC2029-3012-C74C-9036-9E7C942EB0A2}" = CCC Help Thai "{4A449AED-BFFA-A416-99F2-BF2462968370}" = CCC Help Italian "{54D05374-2428-7BE0-58CD-CE8031163DE6}" = CCC Help Russian "{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio "{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status "{5C6AFE98-08BF-086A-300D-18F77D284966}" = CCC Help Swedish "{5C757800-27E8-2AE3-889A-8B959AE689F8}" = CCC Help Japanese "{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}" = AMD Catalyst Control Center "{5D3EC645-B957-36A1-068A-FE8450963669}" = CCC Help Spanish "{5F3E61A8-6465-4F78-B6BC-758A8FCDA736}" = CCC Help French "{61B90A4D-8CC9-2FED-2495-AC8C9467C984}" = CCC Help Norwegian "{661456B2-8102-D50F-CACD-7D7290716644}" = AMD Catalyst Control Center "{69F64374-D859-E478-3BE7-DF995BB45A72}" = CCC Help Chinese Standard "{73E80655-FB3C-46F4-BE00-62D248BC490A}" = Visual C++ 2008 Runtime (x64) "{7BF6AB6F-353B-6F9A-98D7-682429B63197}" = Catalyst Control Center InstallProxy "{7C5B13DA-6A68-86C7-ED29-610CA0F49555}" = CCC Help French "{80680785-2EE1-053F-9CD3-4B2C904596EE}" = Catalyst Control Center InstallProxy "{842F265F-32FE-C610-78DA-F5CE882EFA32}" = CCC Help English "{85579986-337B-C4C3-E86D-8E39F1D2A4A8}" = CCC Help Hungarian "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{912D30CF-F39E-4B31-AD9A-123C6B794EE2}" = HP Update "{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire "{925ADFF9-CFF2-57DC-1D09-664BE1306998}" = CCC Help Korean "{940CFCDC-086A-E320-21DF-8AEB71D6F817}" = CCC Help Norwegian "{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 "{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}" = CCC Help Dutch "{971F06EE-6075-B8CE-115E-D2C74BE124C1}" = CCC Help Dutch "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A838EB7-B0EE-F822-FE93-5B38B04C6E18}" = CCC Help Russian "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F609522-2B52-5EC4-6E5F-070E5EB47275}" = Catalyst Control Center Graphics Previews Common "{9F850990-19CD-8CF4-D772-F84ECAAFEB7A}" = CCC Help Turkish "{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 "{A3806AB7-AB46-7672-A825-F9AE0DE6910A}" = CCC Help Finnish "{A8EF51A6-F00D-6050-81F3-0AF338B81B04}" = CCC Help Polish "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{B079957C-3276-4B9F-DB08-D1CA8C090D9E}" = CCC Help Greek "{B12BE177-DC00-5746-3AB9-91CD090AF555}" = Catalyst Control Center Localization All "{B9372168-0CCC-3F40-B16F-A7AF1DB67149}" = CCC Help Finnish "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BF5509A0-250A-25EA-0C19-61505E9EBA13}" = CCC Help Chinese Standard "{C0974FF0-282B-4730-A50C-B112FA263E17}" = PS_AIO_07_B110_SW_Min "{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}" = CCC Help Thai "{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}" = CCC Help German "{CACB117C-8574-E9EA-C605-84673E9A7DDF}" = CCC Help Spanish "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CC2917EA-96EC-41D1-9756-760C32AF6F12}" = B110 "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{DC7734A3-535B-6FC6-39EE-A62E71FCAE63}" = Catalyst Control Center Localization All "{DD131D15-2FD4-B0B1-6F7F-2312CBE77799}" = CCC Help Swedish "{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer "{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 "{EB766D4A-C56C-946D-F74D-43C78FE4521E}" = CCC Help Korean "{ED0D7699-1943-0C29-7465-6530F8DE2DA2}" = CCC Help Polish "{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}" = CCC Help Czech "{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}" = CCC Help Danish "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F8135163-F185-895A-C4CD-AB316D585030}" = CCC Help German "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 "{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}" = CCC Help Portuguese "{FDF2FE33-426D-45C2-4E70-76C162F1B790}" = CCC Help English "Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin "ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.383 "DAEMON Tools Lite" = DAEMON Tools Lite "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Fraps" = Fraps "Google Chrome" = Google Chrome "KLiteCodecPack_is1" = K-Lite Codec Pack 10.7.1 Full "Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware wersja 2.0.2.1012 "OCCT" = OCCT 4.4.1 "Raptr" = Raptr "Rockstar Games Social Club" = Rockstar Games Social Club "SpeedFan" = SpeedFan (remove only) "Steam" = Steam "Steam App 107410" = Arma 3 "Steam App 730" = Counter-Strike: Global Offensive "TeamSpeak 3 Client" = TeamSpeak 3 Client "WinRAR archiver" = Archiwizator WinRAR "X-Mouse Button Control" = X-Mouse Button Control 2.7 "ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1" = Aslain's XVM Mod wersja 3.9.9 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 2014-09-28 09:20:09 | Computer Name = GusmasPC | Source = amdacpusrsvc | ID = 0 Description = Error - 2014-09-28 23:38:55 | Computer Name = GusmasPC | Source = amdacpusrsvc | ID = 0 Description = Error - 2014-09-28 23:38:55 | Computer Name = GusmasPC | Source = amdacpusrsvc | ID = 0 Description = Error - 2014-09-29 01:07:31 | Computer Name = GusmasPC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error - 2014-09-29 01:07:38 | Computer Name = GusmasPC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error - 2014-09-29 02:26:49 | Computer Name = GusmasPC | Source = Desktop Window Manager | ID = 9020 Description = The Desktop Window Manager has encountered a fatal error (0x8898008d) Error - 2014-10-01 02:46:23 | Computer Name = GusmasPC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error - 2014-10-04 15:00:00 | Computer Name = GusmasPC | Source = ESENT | ID = 455 Description = svchost (1352) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU00127.log. Error - 2014-10-04 17:46:53 | Computer Name = GusmasPC | Source = VSS | ID = 8194 Description = Error - 2014-10-04 17:46:55 | Computer Name = GusmasPC | Source = Microsoft-Windows-CAPI2 | ID = 513 Description = Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . [ System Events ] Error - 2014-10-04 15:06:06 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The UAC File Virtualization service failed to start due to the following error: %%1275 Error - 2014-10-04 15:06:07 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The AODDriver4.3 service failed to start due to the following error: %%2 Error - 2014-10-04 15:08:39 | Computer Name = GusmasPC | Source = Microsoft-Windows-Kernel-Boot | ID = 29 Description = Error - 2014-10-04 15:08:45 | Computer Name = GusmasPC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 21:06:06 on ?2014-?10-?04 was unexpected. Error - 2014-10-04 15:08:40 | Computer Name = GusmasPC | Source = Microsoft-Windows-EnhancedStorage-EhStorTcgDrv | ID = 10 Description = A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error - 2014-10-04 15:08:45 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The UAC File Virtualization service failed to start due to the following error: %%1275 Error - 2014-10-04 15:08:46 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The AODDriver4.3 service failed to start due to the following error: %%2 Error - 2014-10-04 17:38:19 | Computer Name = GusmasPC | Source = Microsoft-Windows-EnhancedStorage-EhStorTcgDrv | ID = 10 Description = A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x1 Error - 2014-10-04 17:38:23 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The UAC File Virtualization service failed to start due to the following error: %%1275 Error - 2014-10-04 17:38:25 | Computer Name = GusmasPC | Source = Service Control Manager | ID = 7000 Description = The AODDriver4.3 service failed to start due to the following error: %%2 < End of report > [/log] FRST [log]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-10-2014 01 Ran by Jan (administrator) on GUSMASPC on 05-10-2014 00:36:05 Running from E:\Downloads Loaded Profile: Jan (Available profiles: Jan) Platform: Windows 8.1 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Areson) C:\Gaming Mouse\Gaming Driver.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (BitTorrent Inc.) C:\Users\Jan\AppData\Roaming\BitTorrent\BitTorrent.exe (OldTimer Tools) E:\Downloads\OTL.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) E:\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1261712 2014-04-30] (Highresolution Enterprises) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] () HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-08-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [$REGNAME] => C:\Gaming Mouse\Gaming Driver.exe [4800000 2013-08-29] (Areson) HKU\S-1-5-21-2721994807-1105106482-2290203855-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2721994807-1105106482-2290203855-1001\...\Run: [ASRockXTU] => [X] ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB3D8830BF7C5CF01 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - iexplore.exe BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.5.671\_platform_specific\win_x86\widevinecdmadapter.dll () CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll () CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-01] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-01] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-02] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-01] CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-01] CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-01] CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-01] CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-01] CHR Extension: (Porsche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkclphmapdcppbmekmbkcjfanpmoidpg [2014-09-19] CHR Extension: (Hola Better Internet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-17] CHR Extension: (Google Mail Checker) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-09-01] CHR Extension: (Google Wallet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-01] CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-08-11] (Advanced Micro Devices, Inc.) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed] R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] () S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) R3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices) R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [727592 2014-08-21] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [261496 2014-08-21] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [601360 2014-08-21] (BitDefender) R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2014-07-10] (BitDefender LLC) R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2014-07-10] (BitDefender LLC) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-19] (Disc Soft Ltd) R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-07-10] (BitDefender LLC) S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) R3 XENfiltv; C:\Windows\system32\drivers\XENfiltv.sys [25600 2009-07-31] (Creative Technology Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-05 00:35 - 2014-10-05 00:36 - 00000000 ____D () C:\FRST 2014-10-04 23:44 - 2014-10-04 23:44 - 00001951 _____ () C:\Users\Public\Desktop\HitmanPro.lnk 2014-10-04 23:44 - 2014-10-04 23:44 - 00000000 ____D () C:\Program Files\HitmanPro 2014-10-04 23:43 - 2014-10-04 23:48 - 00000000 ____D () C:\ProgramData\HitmanPro 2014-10-04 21:01 - 2014-10-04 21:01 - 00000000 _____ () C:\Users\Jan\Desktop\stress.txt 2014-10-04 18:44 - 2014-10-04 18:44 - 00000000 ____D () C:\Users\Jan\Documents\3DMark 11 2014-10-04 18:44 - 2014-10-04 18:44 - 00000000 ____D () C:\Users\Jan\AppData\Local\IsolatedStorage 2014-10-04 18:44 - 2014-10-04 18:44 - 00000000 ____D () C:\Program Files (x86)\Futuremark 2014-10-04 18:32 - 2014-10-04 18:32 - 00000222 _____ () C:\Users\Jan\Desktop\3DMark 11 Demo.url 2014-10-04 15:11 - 2014-10-05 06:45 - 00000000 ____D () C:\Program Files (x86)\HD Tune 2014-10-02 19:00 - 2014-10-02 19:00 - 00000556 _____ () C:\Windows\PFRO.log 2014-10-02 18:09 - 2014-10-02 18:09 - 00000000 _____ () C:\Windows\setuperr.log 2014-10-02 18:09 - 2014-10-02 18:09 - 00000000 _____ () C:\Windows\setupact.log 2014-10-01 22:33 - 2014-10-01 22:33 - 00000000 ____D () C:\Users\Jan\AppData\Local\Macromedia 2014-10-01 22:32 - 2014-10-01 22:33 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Mozilla 2014-10-01 22:32 - 2014-10-01 22:33 - 00000000 ____D () C:\Users\Jan\AppData\Local\Mozilla 2014-10-01 22:31 - 2014-10-05 06:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-01 22:31 - 2014-10-01 22:31 - 00000000 ____D () C:\ProgramData\Mozilla 2014-09-29 11:39 - 2014-09-29 11:43 - 00000000 ____D () C:\Program Files\ASRock 2014-09-29 11:34 - 2014-09-29 11:34 - 00003022 _____ () C:\Windows\System32\Tasks\asrRd 2014-09-29 11:34 - 2014-09-29 11:34 - 00001250 _____ () C:\Users\Public\Desktop\ASRock eXtreme Tuner.lnk 2014-09-29 11:34 - 2014-09-29 11:34 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\FNET 2014-09-29 11:34 - 2014-09-29 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASRock Utility 2014-09-29 11:34 - 2014-09-29 11:34 - 00000000 ____D () C:\ProgramData\FNET 2014-09-29 11:34 - 2014-09-29 11:34 - 00000000 ____D () C:\Program Files (x86)\ASRock Utility 2014-09-29 07:26 - 2014-09-29 07:26 - 00000000 ____D () C:\ProgramData\ATI 2014-09-29 07:09 - 2014-09-29 07:09 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-09-29 07:08 - 2014-09-29 07:08 - 00067608 _____ () C:\Windows\SysWOW64\CCCInstall_201409290708577760.log 2014-09-29 07:08 - 2014-09-29 07:08 - 00000000 ____D () C:\Windows\LastGood.Tmp 2014-09-29 07:08 - 2014-09-29 07:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-09-29 07:08 - 2014-02-16 18:23 - 00060640 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys 2014-09-29 07:06 - 2014-09-29 07:08 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-09-29 06:59 - 2014-09-29 06:59 - 00066300 _____ () C:\Windows\SysWOW64\CCCInstall_201409290659433719.log 2014-09-28 12:31 - 2014-09-28 12:31 - 00001356 _____ () C:\Users\Jan\Documents\cc_20140928_123141.reg 2014-09-27 20:57 - 2014-09-27 20:57 - 00000000 ____D () C:\Users\Jan\Desktop\pic 2014-09-27 20:56 - 2014-09-27 20:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-09-27 18:16 - 2014-10-04 23:40 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-09-27 18:16 - 2014-09-27 18:16 - 00001023 _____ () C:\Users\Jan\Desktop\SpeedFan.lnk 2014-09-27 18:16 - 2014-09-27 18:16 - 00000045 _____ () C:\Windows\SysWOW64\initdebug.nfo 2014-09-27 18:16 - 2014-09-27 18:16 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-27 18:16 - 2014-09-27 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan 2014-09-26 00:39 - 2014-09-26 00:39 - 00012224 _____ () C:\Users\Jan\Documents\clickerHeroSave.txt 2014-09-25 23:48 - 2014-09-28 12:32 - 00000000 ____D () C:\Program Files (x86)\auto-clicker 2014-09-25 22:58 - 2014-10-01 22:07 - 00000000 ____D () C:\Users\Jan\Desktop\transformation 2014-09-24 13:15 - 2014-10-04 21:54 - 00011217 _____ () C:\Users\Jan\Desktop\results.txt 2014-09-24 13:09 - 2014-09-24 23:24 - 00000453 _____ () C:\Users\Jan\Desktop\prime.txt 2014-09-24 13:09 - 2014-09-24 13:10 - 00000168 _____ () C:\Users\Jan\Desktop\local.txt 2014-09-23 13:49 - 2014-09-23 13:49 - 00000946 _____ () C:\Users\Public\Desktop\CPUID HWMonitor.lnk 2014-09-23 13:49 - 2014-09-23 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID 2014-09-23 13:49 - 2014-09-23 13:49 - 00000000 ____D () C:\Program Files\CPUID 2014-09-23 11:57 - 2014-09-24 13:10 - 00001271 _____ () C:\Users\Jan\Desktop\CoreTemp.ini 2014-09-22 18:40 - 2014-09-22 18:40 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Wargaming.net 2014-09-22 16:15 - 2014-09-22 16:15 - 00000781 _____ () C:\Users\Public\Desktop\World of Tanks.lnk 2014-09-22 16:15 - 2014-09-22 16:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2014-09-22 16:15 - 2014-09-22 16:15 - 00000000 ____D () C:\Games 2014-09-21 15:11 - 2014-09-21 15:11 - 00000530 _____ () C:\Users\Public\Desktop\Fraps.lnk 2014-09-21 15:11 - 2014-09-21 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-09-20 02:59 - 2014-09-20 02:59 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-09-20 02:57 - 2014-09-20 02:57 - 00000000 ____D () C:\Users\Jan\AppData\Local\Chromium 2014-09-20 02:50 - 2014-09-20 02:50 - 00000000 ____D () C:\Users\Jan\Documents\Rockstar Games 2014-09-20 02:50 - 2014-09-20 02:50 - 00000000 ____D () C:\Users\Jan\AppData\Local\SKIDROW 2014-09-20 02:47 - 2014-09-20 02:47 - 00000677 _____ () C:\Users\Public\Desktop\L.A. Noire.lnk 2014-09-20 02:42 - 2014-09-20 02:42 - 00000000 ____D () C:\ProgramData\Rockstar Games 2014-09-19 19:51 - 2014-09-19 19:51 - 00016626 _____ () C:\Users\Jan\Documents\cc_20140919_195156.reg 2014-09-19 19:32 - 2014-09-19 19:32 - 00003138 _____ () C:\Windows\System32\Tasks\{232A7D6C-4497-4EDC-88B4-44764FDF49DC} 2014-09-19 19:29 - 2014-09-28 12:32 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\DAEMON Tools Lite 2014-09-19 19:29 - 2014-09-19 19:29 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-09-19 19:29 - 2014-09-19 19:29 - 00001966 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2014-09-19 19:29 - 2014-09-19 19:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2014-09-19 19:29 - 2014-09-19 19:29 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-09-19 19:28 - 2014-09-20 02:39 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-09-18 18:46 - 2014-09-18 18:46 - 00000000 ____D () C:\ProgramData\BitDefender 2014-09-18 18:36 - 2014-10-04 23:38 - 00002329 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2014-09-18 18:36 - 2014-09-18 18:36 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\LavasoftStatistics 2014-09-18 18:36 - 2014-09-18 18:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2014-09-18 18:36 - 2014-07-10 14:09 - 02084072 _____ (Bitdefender) C:\Windows\system32\bdnc.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 01061776 _____ (BitDefender S.R.L.) C:\Windows\system32\bdsmtpp.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00209984 _____ (BitDefender) C:\Windows\system32\BdFirewallSDK.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00195016 _____ (BitDefender) C:\Windows\system32\httproxy.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00155912 _____ (BitDefender S.R.L.) C:\Windows\system32\bdpop3p.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00122928 _____ (BitDefender) C:\Windows\system32\OEMbdpredir.dll 2014-09-18 18:36 - 2014-07-10 14:08 - 00096160 _____ (BitDefender) C:\Windows\system32\bdpredir.dll 2014-09-18 18:35 - 2014-09-18 18:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2014-09-18 18:34 - 2014-09-18 18:34 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Lavasoft 2014-09-18 18:34 - 2014-09-18 18:34 - 00000000 ____D () C:\Program Files\Lavasoft 2014-09-18 18:33 - 2014-09-18 18:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2014-09-18 18:32 - 2014-09-18 18:32 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-09-18 18:31 - 2014-09-18 18:31 - 00002259 _____ () C:\Windows\epplauncher.mif 2014-09-18 18:14 - 2014-09-29 11:27 - 00000490 _____ () C:\Users\Jan\Desktop\cpuz.ini 2014-09-18 18:03 - 2014-05-29 22:33 - 36363264 _____ () C:\Users\Jan\Desktop\prime95.exe 2014-09-18 18:03 - 2013-10-08 13:23 - 00890016 _____ () C:\Users\Jan\Desktop\Core Temp.exe 2014-09-18 17:54 - 2014-07-18 15:28 - 02955496 _____ (CPUID) C:\Users\Jan\Desktop\cpuz_x64.exe 2014-09-18 16:02 - 2014-10-04 23:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-18 16:02 - 2014-09-18 16:02 - 00001118 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-09-18 16:02 - 2014-09-18 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-09-18 16:02 - 2014-09-18 16:02 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-18 16:02 - 2014-09-18 16:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-09-18 16:02 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-18 16:02 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-18 16:02 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-17 22:37 - 2014-09-17 22:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Highresolution Enterprises 2014-09-17 22:28 - 2014-09-17 22:28 - 00000736 _____ () C:\Users\Jan\Desktop\mouserate-s.lnk 2014-09-17 22:28 - 2014-09-17 22:28 - 00000000 ____D () C:\Users\Jan\AppData\Local\WorldofTanks 2014-09-17 22:28 - 2014-09-17 22:28 - 00000000 ____D () C:\Mouse Rate Checker 1.1b 2014-09-17 20:38 - 2014-09-17 20:38 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Highresolution Enterprises 2014-09-17 20:36 - 2014-09-17 22:37 - 00000000 ____D () C:\Program Files\Highresolution Enterprises 2014-09-17 20:13 - 2014-09-17 20:13 - 00001523 _____ () C:\Users\Public\Desktop\Gaming Mouse.lnk 2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gaming Mouse 2014-09-17 20:13 - 2014-09-17 20:13 - 00000000 ____D () C:\Gaming Mouse 2014-09-17 07:26 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2014-09-17 07:26 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2014-09-17 07:26 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-09-17 07:26 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-09-17 07:26 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-09-17 07:26 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-09-17 07:26 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll 2014-09-17 07:26 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-09-17 07:26 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-09-17 07:26 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll 2014-09-17 07:26 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\tcpmon.dll 2014-09-17 07:26 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-17 07:26 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2014-09-17 07:26 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-09-17 07:26 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-09-17 07:26 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll 2014-09-17 07:26 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-09-17 07:26 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2014-09-17 07:26 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-09-17 07:26 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-09-17 07:26 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll 2014-09-17 07:26 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2014-09-17 07:26 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll 2014-09-17 07:26 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll 2014-09-17 07:26 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll 2014-09-17 07:26 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll 2014-09-17 07:26 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll 2014-09-17 07:26 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-09-17 07:26 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll 2014-09-17 07:26 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-09-17 07:26 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll 2014-09-17 07:26 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll 2014-09-17 07:26 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll 2014-09-17 07:26 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll 2014-09-17 07:26 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2014-09-17 07:26 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-09-17 07:26 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-09-17 07:26 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-09-17 07:26 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-09-17 07:26 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2014-09-17 07:26 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-17 07:25 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2014-09-17 07:25 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-09-17 07:25 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2014-09-17 07:25 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys 2014-09-17 07:25 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-09-17 07:25 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-09-17 07:25 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-09-17 07:25 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll 2014-09-17 07:25 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2014-09-17 07:25 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2014-09-17 07:25 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe 2014-09-17 07:25 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-09-17 07:25 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-09-17 07:25 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-09-17 07:25 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-09-17 07:25 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll 2014-09-17 07:25 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-09-17 07:25 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll 2014-09-17 07:25 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-09-17 07:25 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll 2014-09-17 07:25 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL 2014-09-17 07:25 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SndVol.exe 2014-09-17 07:25 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2014-09-17 07:25 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-09-17 07:25 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-09-17 07:25 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll 2014-09-17 07:25 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll 2014-09-17 07:25 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\KBDRUM.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTT102.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-09-17 07:25 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-09-17 07:25 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-09-17 07:25 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2014-09-17 07:25 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys 2014-09-17 07:25 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-09-17 07:25 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys 2014-09-17 07:25 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys 2014-09-17 07:25 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys 2014-09-17 07:25 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-09-17 07:25 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-09-17 07:25 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2014-09-17 07:25 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\iasnap.dll 2014-09-17 07:25 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll 2014-09-17 07:25 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-09-17 07:25 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-09-17 07:25 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTT102.DLL 2014-09-17 07:25 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-09-17 07:25 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRUM.DLL 2014-09-17 07:25 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-09-17 07:25 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-09-17 07:25 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-09-17 07:25 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll 2014-09-17 07:25 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-09-17 07:25 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl 2014-09-17 07:25 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll 2014-09-17 07:25 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll 2014-09-17 07:25 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll 2014-09-17 07:25 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-09-17 07:25 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-09-17 07:25 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iasnap.dll 2014-09-17 07:25 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-09-17 07:25 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2014-09-17 07:25 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll 2014-09-17 07:25 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll 2014-09-17 07:25 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll 2014-09-17 07:25 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll 2014-09-17 07:25 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll 2014-09-17 07:25 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl 2014-09-17 07:25 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\Windows\system32\PrintDialogs.dll 2014-09-17 07:25 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2014-09-17 07:25 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll 2014-09-17 07:25 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll 2014-09-17 07:25 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-09-17 07:25 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-09-17 07:25 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenter.dll 2014-09-17 07:25 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll 2014-09-17 07:25 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2014-09-17 07:25 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll 2014-09-17 07:25 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wlansvcpal.dll 2014-09-17 07:25 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll 2014-09-17 07:25 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll 2014-09-17 07:25 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll 2014-09-17 07:25 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2014-09-17 07:25 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll 2014-09-17 07:25 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll 2014-09-17 07:25 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll 2014-09-17 07:25 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintDialogs.dll 2014-09-17 07:25 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\Windows\system32\Defrag.exe 2014-09-17 07:25 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll 2014-09-17 07:25 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-09-17 07:25 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll 2014-09-17 07:25 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\Windows\system32\defragsvc.dll 2014-09-17 07:25 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2014-09-17 07:25 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll 2014-09-17 07:25 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll 2014-09-17 07:25 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll 2014-09-17 07:25 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Bluetooth.dll 2014-09-17 07:25 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll 2014-09-17 07:25 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll 2014-09-17 07:25 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2014-09-17 07:25 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll 2014-09-17 07:25 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll 2014-09-17 07:25 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll 2014-09-17 07:25 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Bluetooth.dll 2014-09-17 07:25 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll 2014-09-17 07:25 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-17 07:25 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2014-09-17 07:25 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv 2014-09-17 07:25 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll 2014-09-17 07:25 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll 2014-09-17 07:25 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-09-17 07:25 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll 2014-09-17 07:25 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe 2014-09-17 07:25 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-09-17 07:25 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll 2014-09-17 07:25 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll 2014-09-17 07:25 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-09-17 07:25 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll 2014-09-17 07:25 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll 2014-09-17 07:25 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll 2014-09-17 07:25 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-17 07:25 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-09-17 07:25 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv 2014-09-17 07:25 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2014-09-17 07:25 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll 2014-09-17 07:25 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-09-17 07:25 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-09-17 07:25 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VAN.dll 2014-09-17 07:25 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-09-17 07:25 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-09-17 07:25 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll 2014-09-17 07:25 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll 2014-09-17 07:25 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2014-09-17 07:25 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll 2014-09-17 07:25 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2014-09-17 07:25 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll 2014-09-17 07:25 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll 2014-09-17 07:25 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll 2014-09-17 07:25 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2014-09-17 07:25 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll 2014-09-17 07:25 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll 2014-09-17 07:25 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll 2014-09-17 07:25 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2014-09-17 07:25 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-09-17 07:25 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\SysWOW64\locale.nls 2014-09-17 07:25 - 2014-07-24 06:11 - 00513544 _____ () C:\Windows\system32\locale.nls 2014-09-17 07:25 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll 2014-09-17 07:25 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2014-09-17 07:25 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wisp.dll 2014-09-17 07:25 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2014-09-17 07:25 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-17 07:25 - 2014-07-10 01:19 - 00387391 _____ () C:\Windows\system32\ApnDatabase.xml 2014-09-17 07:25 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys 2014-09-17 07:25 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSip.dll 2014-09-17 07:25 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2014-09-17 07:25 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxSip.dll 2014-09-17 07:25 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2014-09-17 07:25 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll 2014-09-17 07:25 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll 2014-09-17 07:25 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2014-09-17 07:25 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll 2014-09-17 07:25 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll 2014-09-17 07:25 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2014-09-17 07:25 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2014-09-17 07:25 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-17 07:25 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll 2014-09-17 07:25 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll 2014-09-17 07:25 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2014-09-17 07:25 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll 2014-09-17 07:25 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aclui.dll 2014-09-17 07:25 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll 2014-09-17 07:25 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll 2014-09-17 07:25 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2014-09-17 07:25 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2014-09-17 07:25 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-09-17 07:25 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-09-17 07:25 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\AppxSysprep.dll 2014-09-17 07:25 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2014-09-17 07:25 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2014-09-17 07:25 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll 2014-09-17 07:25 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll 2014-09-17 07:25 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll 2014-09-17 07:25 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll 2014-09-17 07:25 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll 2014-09-17 07:25 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll 2014-09-17 07:18 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys 2014-09-11 22:09 - 2014-10-04 15:10 - 00000000 ____D () C:\Users\Jan\Documents\OCCT 2014-09-11 22:08 - 2014-09-11 22:08 - 00000000 ____D () C:\Users\Jan\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me 2014-09-11 00:26 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 00:26 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 00:26 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 00:26 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 00:26 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 00:26 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 00:26 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 00:26 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 00:26 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 00:26 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 00:26 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 00:26 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 00:26 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 00:26 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 00:26 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 00:26 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 00:26 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 00:26 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 00:26 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 00:26 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 00:26 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 00:26 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 00:26 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 00:26 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 00:26 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 00:26 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 00:26 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 00:26 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 00:26 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 00:26 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 00:26 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 00:26 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 00:26 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 00:26 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 00:26 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 00:26 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 00:26 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-10 23:21 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-09-10 23:21 - 2014-09-05 04:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-09-10 23:21 - 2014-09-05 02:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-09-10 23:21 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-09-10 23:21 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-10 23:21 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-09-10 23:20 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll 2014-09-10 23:20 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2014-09-10 23:20 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2014-09-10 20:16 - 2014-09-10 20:16 - 00012586 _____ () C:\Users\Jan\Documents\cc_20140910_201656.reg 2014-09-10 18:35 - 2014-09-18 18:39 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-09-10 18:11 - 2014-09-10 18:11 - 00000000 ____D () C:\Program Files (x86)\predm 2014-09-10 18:06 - 2014-09-10 18:06 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-09-10 18:04 - 2014-09-10 20:18 - 00000000 ____D () C:\Program Files\Windows KMS Activator Ultimate 2014 v2.3 2014-09-10 18:02 - 2014-09-10 18:07 - 00000000 ____D () C:\Program Files (x86)\globalUpdate 2014-09-10 18:02 - 2014-09-10 18:02 - 00000000 ____D () C:\Users\Jan\AppData\Local\globalUpdate 2014-09-10 15:40 - 2014-09-10 15:40 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieUserList 2014-09-10 15:40 - 2014-09-10 15:40 - 00000000 __SHD () C:\Users\Jan\AppData\Local\EmieSiteList 2014-09-09 19:42 - 2014-09-09 19:42 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\WinRAR 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-09-09 16:25 - 2014-09-09 16:25 - 00000000 ____D () C:\Program Files (x86)\WinRAR 2014-09-09 16:21 - 2014-09-09 16:21 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\MPC-HC 2014-09-09 16:21 - 2014-09-09 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2014-09-09 16:21 - 2014-09-09 16:21 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack 2014-09-09 16:21 - 2014-06-14 16:03 - 00260696 _____ () C:\Windows\system32\unrar64.dll 2014-09-09 16:21 - 2014-06-14 16:03 - 00218200 _____ () C:\Windows\SysWOW64\unrar.dll 2014-09-09 11:42 - 2014-09-09 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-09-09 11:42 - 2014-09-09 11:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-09-09 11:42 - 2014-09-09 11:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-05 06:45 - 2014-09-03 07:46 - 00000000 ____D () C:\Users\Jan\Documents\Arma 3 2014-10-05 06:45 - 2014-09-02 18:38 - 00000000 ____D () C:\Windows\Minidump 2014-10-05 06:45 - 2014-09-01 17:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-05 06:44 - 2014-09-03 16:54 - 00000000 ____D () C:\Program Files\ATI 2014-10-05 06:44 - 2014-09-02 18:50 - 00000000 ____D () C:\ProgramData\HP 2014-10-05 06:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration 2014-10-05 00:31 - 2014-09-02 20:56 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\BitTorrent 2014-10-05 00:24 - 2014-09-01 17:19 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-05 00:23 - 2014-09-01 17:23 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\TS3Client 2014-10-05 00:13 - 2014-09-01 20:17 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\ClassicShell 2014-10-05 00:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-10-04 23:43 - 2014-09-01 17:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2721994807-1105106482-2290203855-1001 2014-10-04 23:43 - 2013-09-30 06:14 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-04 23:40 - 2014-09-01 17:21 - 00002419 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-04 23:38 - 2014-09-01 18:06 - 00000000 ___DO () C:\Users\Jan\SkyDrive 2014-10-04 23:38 - 2014-09-01 17:19 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-04 23:38 - 2014-09-01 17:16 - 00043008 ___SH () C:\Users\Jan\Desktop\Thumbs.db 2014-10-04 23:38 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-04 23:33 - 2014-09-01 17:17 - 00065536 _____ () C:\Windows\system32\spu_storage.bin 2014-10-04 23:33 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-10-04 22:55 - 2014-09-01 17:30 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-10-04 22:06 - 2014-09-01 17:05 - 01578547 _____ () C:\Windows\WindowsUpdate.log 2014-10-04 21:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-10-04 20:49 - 2014-09-01 17:12 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{60C51FE6-5E0A-4845-9F15-370F5CB1D178} 2014-10-04 20:45 - 2014-09-01 17:09 - 00000000 ____D () C:\Users\Jan 2014-10-04 20:45 - 2013-08-22 16:44 - 00348416 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-02 18:51 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-29 07:09 - 2014-09-01 18:13 - 00000000 ____D () C:\ProgramData\AMD 2014-09-29 07:07 - 2014-09-03 16:45 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-09-29 07:03 - 2014-09-03 16:53 - 00000000 ____D () C:\AMD 2014-09-28 12:32 - 2014-09-02 03:02 - 00000000 ____D () C:\Windows\Panther 2014-09-25 06:31 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache 2014-09-24 16:27 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-09-24 16:16 - 2014-09-03 07:46 - 00000000 ____D () C:\Users\Jan\AppData\Local\Arma 3 2014-09-23 22:17 - 2014-09-01 17:04 - 00000000 __SHD () C:\Recovery 2014-09-23 13:28 - 2014-09-02 20:16 - 00000534 _____ () C:\Users\Jan\Desktop\OCCT.lnk 2014-09-23 13:28 - 2014-09-02 20:15 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-09-20 02:42 - 2014-09-01 17:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-19 19:32 - 2013-08-22 15:25 - 00000229 _____ () C:\Windows\win.ini 2014-09-19 19:30 - 2014-09-01 17:09 - 00001656 _____ () C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-18 18:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat 2014-09-18 16:10 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\MediaViewer 2014-09-17 20:36 - 2013-09-30 05:54 - 00000000 ____D () C:\Program Files\Windows Journal 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\setup 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\setup 2014-09-17 20:36 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-09-17 20:36 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\oobe 2014-09-17 20:20 - 2014-09-01 17:32 - 00000000 ____D () C:\Program Files (x86)\Bloody5 2014-09-11 00:27 - 2014-09-04 23:19 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-09-11 00:26 - 2014-09-03 05:06 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 00:26 - 2014-09-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 00:26 - 2014-09-02 23:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 00:26 - 2014-09-02 23:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 00:26 - 2014-09-02 23:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 00:26 - 2014-09-02 23:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 00:26 - 2014-09-02 23:08 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 00:26 - 2014-09-02 23:07 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 00:26 - 2014-09-02 23:07 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 00:25 - 2014-09-03 05:06 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-09 19:18 - 2014-09-02 18:52 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\HpUpdate Some content of TEMP: ==================== C:\Users\Jan\AppData\Local\Temp\DEL645.EXE C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll C:\Users\Jan\AppData\Local\Temp\sfextra.dll C:\Users\Jan\AppData\Local\Temp\tmpE15C.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-26 08:28 ==================== End Of Log ============================[/log] Addition [log][/log] Gmer [log]GMER 2.1.19357 - http://www.gmer.net Rootkit scan 2014-10-05 00:56:42 Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-2 Crucial_CT120M500SSD1 rev.MU05 111,79GB Running: gmer.exe; Driver: C:\Users\Jan\AppData\Local\Temp\uwlcqpoc.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\atiesrxx.exe[920] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffef4f5169a 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atiesrxx.exe[920] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffef4f516a2 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atiesrxx.exe[920] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffef4f5181a 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atiesrxx.exe[920] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffef4f51832 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atieclxx.exe[856] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffef4f5169a 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atieclxx.exe[856] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffef4f516a2 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atieclxx.exe[856] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffef4f5181a 4 bytes [F5, F4, FE, 7F] .text C:\Windows\system32\atieclxx.exe[856] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffef4f51832 4 bytes [F5, F4, FE, 7F] .text C:\Windows\System32\svchost.exe[1636] c:\windows\system32\WSOCK32.dll!setsockopt + 194 00007ffeeb941f6a 4 bytes {XCHG ESP, EAX; JMP 0x1} .text C:\Windows\System32\svchost.exe[1636] c:\windows\system32\WSOCK32.dll!setsockopt + 218 00007ffeeb941f82 4 bytes {XCHG ESP, EAX; JMP 0x1} .text C:\Windows\System32\svchost.exe[1700] c:\windows\system32\WSOCK32.dll!setsockopt + 194 00007ffeeb941f6a 4 bytes {XCHG ESP, EAX; JMP 0x1} .text C:\Windows\System32\svchost.exe[1700] c:\windows\system32\WSOCK32.dll!setsockopt + 218 00007ffeeb941f82 4 bytes {XCHG ESP, EAX; JMP 0x1} .text C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe[4856] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 506 00007ffef4f5169a 4 bytes [F5, F4, FE, 7F] .text C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe[4856] C:\Windows\system32\PSAPI.DLL!GetModuleBaseNameA + 514 00007ffef4f516a2 4 bytes [F5, F4, FE, 7F] .text C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe[4856] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 118 00007ffef4f5181a 4 bytes [F5, F4, FE, 7F] .text C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe[4856] C:\Windows\system32\PSAPI.DLL!QueryWorkingSet + 142 00007ffef4f51832 4 bytes [F5, F4, FE, 7F] .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4548] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 194 00007ffeeb941f6a 4 bytes {XCHG ESP, EAX; JMP 0x1} .text C:\Program Files\Windows Media Player\wmpnetwk.exe[4548] C:\Windows\SYSTEM32\WSOCK32.dll!setsockopt + 218 00007ffeeb941f82 4 bytes {XCHG ESP, EAX; JMP 0x1} ---- Threads - GMER 2.1 ---- Thread C:\Windows\system32\csrss.exe [608:632] fffff96000829b90 Thread C:\Windows\system32\mmc.exe [5708:5736] 00007ffedaef2d70 Thread C:\Windows\system32\mmc.exe [5708:5740] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5744] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5748] 00007ffedadf7a2c Thread C:\Windows\system32\mmc.exe [5708:5752] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5756] 00007ffee11e2774 Thread C:\Windows\system32\mmc.exe [5708:5760] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5768] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5772] 00007ffedaf6e840 Thread C:\Windows\system32\mmc.exe [5708:5776] 00007ffedaf6e840 ---- Processes - GMER 2.1 ---- Process C:\Users\Jan\AppData\Local\Temp\Rar$EX00.346\gmer.exe (*** suspicious ***) @ C:\Users\Jan\AppData\Local\Temp\Rar$EX00.346\gmer.exe [2712](2014-10-04 22:53:49) 0000000000400000 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemStartTime 0xF5 0xFB 0x59 0x85 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFStartTime 0x9F 0x5D 0x5A 0x85 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@CMFLastStartTime 0x49 0x08 0xB7 0x9D ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData@SystemLastStartTime 0x31 0x92 0xB4 0x9D ... Reg HKLM\SYSTEM\CurrentControlSet\Control\CMF\SqmData\BootLanguages@en-US 57 Reg HKLM\SYSTEM\CurrentControlSet\Control\CrashControl@LastCrashTime 0xFE 0x6E 0xAC 0x2A ... Reg HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\Configuration\GSM4B3210785_0A_07D8_29^BD13D4B88992362754F13FC916514C29@Timestamp 0x91 0x2C 0x15 0x86 ... Reg HKLM\SYSTEM\CurrentControlSet\Control\Lsa@LsaPid 720 Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed 1058923278 Reg HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server@InstanceID a76f20b9-0e31-4ecc-b72a-2038ec6 Reg HKLM\SYSTEM\CurrentControlSet\Control\WDI\Config@ServerName \BaseNamedObjects\WDI_{2673c34c-0279-404b-8b30-2b373e77673d} Reg HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters\Probe\{9708b4e0-64bc-48d3-85b9-118279207886}@LastProbeTime 1412465905 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 1758 Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch2@Epoch 198 Reg HKLM\SYSTEM\CurrentControlSet\Services\srvnet\Parameters@MajorSequence 57 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{740E1CA5-0976-4BB8-A767-170598BE339A}@LeaseObtainedTime 1412458704 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{740E1CA5-0976-4BB8-A767-170598BE339A}@T1 1412501904 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{740E1CA5-0976-4BB8-A767-170598BE339A}@T2 1412534304 Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{740E1CA5-0976-4BB8-A767-170598BE339A}@LeaseTerminatesTime 1412545104 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}\iexplore@Count 17 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{553891B7-A0D5-4526-BE18-D3CE461D6310}\iexplore@Count 17 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsRequestBucketDrainTime 0x92 0xBA 0xF5 0x6F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastWindowsLargeRequestBucketDrainTime 0x92 0xBA 0xF5 0x6F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherBandwidthBucketCounter 2664 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@OtherRequestBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastOtherRequestBucketDrainTime 0x92 0xBA 0xF5 0x6F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalBandwidthBucketCounter 9624 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@GlobalRequestBucketCounter 0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastGlobalRequestBucketDrainTime 0x92 0xBA 0xF5 0x6F ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@LastUploadTime 0x7F 0xD0 0x59 0x19 ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\PolicyData@RoamingSyncToken LM%3d63548046740803%3bID%3dB31AE0044097CB0!102%3bLR%3d63548047901767%3bEP%3d4%3bTD%3dTrue%3bSO%3d0 Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Live\Roaming\RegistrarData@LastRenewCollectionsInterest 0x13 0x6F 0x6A 0x3C ... Reg HKCU\Software\Microsoft\Windows\CurrentVersion\SettingSync\SyncData@PendingOperations 2 Reg HKCU\Software\Microsoft\Windows\Windows Error Reporting\Debug@StoreLocation C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_83f1537fbb55aaf98c5c2cb40746d8487ebcf2d_00000000_cab_149c2517 ---- EOF - GMER 2.1 ---- [/log]
Gość komentarz 4 października 2014 komentarz 4 października 2014 sprawdz ram memtestem przez 8 godzin
Razer0807 komentarz 4 października 2014 Autor komentarz 4 października 2014 sprawdz ram memtestem przez 8 godzin Właśnie, nie uwzględniłem tego przez bsoda, nie mogę uruchomić memtestu, próbuję zrobić to z usb, mam tylko migający myślnik na czarnym tle i niestety nie ładuje się, szukałem pomocy na forach, ale nic specjalnego nie znalazłem.
Gość komentarz 4 października 2014 komentarz 4 października 2014 a probowales uruchomic gdzies indziej zeby miec pewnosc ze pendrajw jest przygotowany poprawnie?
Razer0807 komentarz 4 października 2014 Autor komentarz 4 października 2014 Niestety nie mam takiej możliwości, memtest najnowszy w wersji na usb, instalowałem 2 razy niestety nie się nie zmieniło. prime95 oraz occt linkpack nie pokazują żadnego błędu.
Gość komentarz 5 października 2014 komentarz 5 października 2014 pokaz screena z zakladki health w programie hd tune
Razer0807 komentarz 5 października 2014 Autor komentarz 5 października 2014 wszystko ok, to nie to ;/
Gość komentarz 5 października 2014 komentarz 5 października 2014 (edytowane) kooolego dysk padocha od wuja bad sektorow niekorekcyjnych odzyskuj co sie da i nowy dysk kupuj zanim padnie na amen
Razer0807 komentarz 6 października 2014 Autor komentarz 6 października 2014 Ten wd? nie mam na nim nic specjalnego.
Gość komentarz 6 października 2014 komentarz 6 października 2014 zmien tasme - blad crc masz czyli moze byc uszkodzona tasma laczaca dysk z komputerem
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.