OTL logfile created on: 19.7.2017 13:04:06 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Martin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
1,99 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 53,84% Memory free
4,22 Gb Paging File | 2,57 Gb Available in Paging File | 61,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 303,35 Gb Total Space | 203,64 Gb Free Space | 67,13% Space Free | Partition Type: NTFS
Drive D: | 150,69 Gb Total Space | 48,65 Gb Free Space | 32,29% Space Free | Partition Type: NTFS
Computer Name: HOME | User Name: Martin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Martin\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o.)
PRC - C:\Program Files\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
PRC - C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Users\Martin\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
PRC - C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\FSC\LASER MOUSE\1.0\GTGMouse.exe ()
PRC - C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
========== Modules (No Company Name) ==========
MOD - C:\Program Files\AVAST Software\Avast\AvChrome.dll ()
MOD - C:\Program Files\AVAST Software\Avast\ffl2.dll ()
MOD - C:\Program Files\AVAST Software\Avast\tasks_core.dll ()
MOD - C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ()
MOD - C:\Program Files\Zemana AntiMalware\ZAMShellExt32.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files\CCleaner\Lang\lang-1029.dll ()
MOD - C:\Program Files\CCleaner\branding.dll ()
MOD - C:\Program Files\WinRar\rarlng.dll ()
MOD - C:\Program Files\WinRar\RarExt.dll ()
MOD - C:\Program Files\FSC\LASER MOUSE\1.0\GTGMouse.exe ()
MOD - C:\Program Files\FSC\LASER MOUSE\1.0\GTGMDLL.dll ()
========== Services (SafeList) ==========
SRV - (WsDrvInst) -- C:\Program Files\Wondershare\Dr.Fone for Android\DriverInstall.exe File not found
SRV - (AvastVBoxSvc) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe File not found
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (aswbIDSAgent) -- C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (ZAMSvc) -- C:\Program Files\Zemana AntiMalware\ZAM.exe (Copyright 2017.)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (TuneUp.Defrag) -- C:\Windows\System32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TestHandler) -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
========== Driver Services (SafeList) ==========
DRV - (VBoxAswDrv) -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys File not found
DRV - (a8kkeg9k) -- File not found
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswmonflt.sys (AVAST Software)
DRV - (aswblog) -- C:\Windows\System32\drivers\aswblogx.sys (AVAST Software s.r.o.)
DRV - (aswbidsdriver) -- C:\Windows\System32\drivers\aswbidsdriverx.sys (AVAST Software s.r.o.)
DRV - (aswbidsh) -- C:\Windows\System32\drivers\aswbidshx.sys (AVAST Software s.r.o.)
DRV - (aswbuniv) -- C:\Windows\System32\drivers\aswbunivx.sys (AVAST Software s.r.o.)
DRV - (ZAM) -- C:\Windows\System32\drivers\zam32.sys (Zemana Ltd.)
DRV - (ZAM_Guard) -- C:\Windows\System32\drivers\zamguard32.sys (Zemana Ltd.)
DRV - (MBAMProtection) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys (Malwarebytes)
DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswStmXP) -- C:\Windows\System32\drivers\aswStmXP.sys (AVAST Software)
DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswHwid) -- C:\Windows\System32\drivers\aswHwid.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV - (HWiNFO32) -- C:\Windows\System32\drivers\HWiNFO32.SYS (REALiX(tm))
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek )
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (nvrd32) -- C:\Windows\System32\drivers\nvrd32.sys (NVIDIA Corporation)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
========== Standard Registry (All) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Martin\Desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - prefs.js..extensions.enabledItems:
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2: C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2105: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.07.15 19:33:25 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_1\
CHR - Extension: No name found = C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
O1 HOSTS File: ([2017.07.15 10:26:49 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4 - HKLM..\Run: [GTGMOUSE] C:\Program Files\FSC\LASER MOUSE\1.0\GTGMouse.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKCU..\Run: [BingSvc] C:\Users\Martin\AppData\Local\Microsoft\BingSvc\BingSvc.exe (© 2015 Microsoft Corporation)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_47064272.lnk = C:\Users\Martin\AppData\Local\temp\_uninst_47064272.bat ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (Rational Intellectual Holdings Ltd.)
O9 - Extra Button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Společnost Microsoft)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{882498C6-53A3-4545-B910-58434356C432}: DhcpNameServer = 213.46.172.36 213.46.172.37
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Martin\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Martin\AppData\Roaming\Microsoft\Windows Photo Gallery\Tapeta galerie Windows Fotogalerie.jpg
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2017.07.19 13:01:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2017.07.19 12:57:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2017.07.19 12:57:35 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2017.07.19 12:43:16 | 007,178,424 | ---- | C] (VS Revo Group ) -- C:\Users\Martin\Desktop\revosetup.exe
[2017.07.18 22:56:29 | 000,000,000 | ---D | C] -- C:\KVRT_Data
[2017.07.18 22:55:16 | 120,828,888 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Martin\Desktop\KVRT.exe
[2017.07.18 20:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2017.07.18 19:02:58 | 000,303,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2017.07.17 18:43:26 | 000,000,000 | ---D | C] -- C:\FRST
[2017.07.17 18:42:24 | 001,780,736 | ---- | C] (Farbar) -- C:\Users\Martin\Desktop\FRST.exe
[2017.07.16 10:05:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2017.07.15 10:33:56 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\temp
[2017.07.14 22:00:18 | 000,181,496 | ---- | C] (Zemana Ltd.) -- C:\Windows\System32\drivers\zam32.sys
[2017.07.14 22:00:16 | 000,181,496 | ---- | C] (Zemana Ltd.) -- C:\Windows\System32\drivers\zamguard32.sys
[2017.07.14 22:00:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2017.07.14 22:00:10 | 000,000,000 | ---D | C] -- C:\Program Files\Zemana AntiMalware
[2017.07.14 21:59:58 | 000,000,000 | ---D | C] -- C:\Users\Martin\AppData\Local\Zemana
[2017.07.14 21:58:40 | 006,589,840 | ---- | C] (Zemana Ltd. ) -- C:\Users\Martin\Desktop\Zemana.AntiMalware.Setup.exe
[2017.07.14 21:51:38 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2017.07.13 22:05:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2017.07.13 22:04:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2017.07.13 22:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2017.07.13 20:43:20 | 171,309,576 | ---- | C] (Sophos Limited) -- C:\Users\Martin\Desktop\Sophos Virus Removal Tool.exe
[2017.07.12 20:59:31 | 000,162,240 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMChameleon.sys
[2017.07.12 20:59:28 | 000,064,800 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
[2017.07.12 20:59:21 | 000,040,352 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2017.07.12 20:59:14 | 000,221,600 | ---- | C] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2017.07.12 20:59:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017.07.12 20:58:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017.07.12 20:58:00 | 065,033,984 | ---- | C] (Malwarebytes ) -- C:\Users\Martin\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
[2017.07.10 11:51:38 | 000,000,000 | ---D | C] -- C:\25313335900d7f696160167d00a5
[2008.08.31 15:23:53 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Martin\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2017.07.19 13:02:46 | 000,060,287 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2017.07.19 13:02:46 | 000,046,918 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.07.19 13:01:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Martin\Desktop\OTL.exe
[2017.07.19 13:00:38 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2017.07.19 12:47:09 | 000,039,609 | ---- | M] () -- C:\Users\Martin\Desktop\Kaspersky.jpg
[2017.07.19 12:44:05 | 000,673,764 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2017.07.19 12:44:05 | 000,659,412 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2017.07.19 12:44:05 | 000,142,560 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2017.07.19 12:44:05 | 000,122,844 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2017.07.19 12:41:06 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2017.07.19 12:41:06 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2017.07.19 12:41:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.07.19 08:38:34 | 007,178,424 | ---- | M] (VS Revo Group ) -- C:\Users\Martin\Desktop\revosetup.exe
[2017.07.18 22:55:34 | 120,828,888 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Martin\Desktop\KVRT.exe
[2017.07.18 22:43:18 | 000,000,810 | ---- | M] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_47064272.lnk
[2017.07.18 19:54:03 | 159,428,216 | ---- | M] () -- C:\Users\Martin\Desktop\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
[2017.07.18 19:03:54 | 000,123,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswmonflt.sys
[2017.07.18 19:02:41 | 000,303,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2017.07.18 19:02:21 | 000,276,736 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswblogx.sys
[2017.07.18 19:02:21 | 000,267,008 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbidsdriverx.sys
[2017.07.18 19:02:21 | 000,157,416 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbidshx.sys
[2017.07.18 19:02:21 | 000,050,384 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\System32\drivers\aswbunivx.sys
[2017.07.17 16:22:52 | 001,780,736 | ---- | M] (Farbar) -- C:\Users\Martin\Desktop\FRST.exe
[2017.07.16 13:20:46 | 000,043,008 | ---- | M] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2017.07.16 10:13:29 | 000,376,792 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2017.07.15 10:26:49 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2017.07.14 22:00:18 | 000,181,496 | ---- | M] (Zemana Ltd.) -- C:\Windows\System32\drivers\zam32.sys
[2017.07.14 22:00:16 | 000,181,496 | ---- | M] (Zemana Ltd.) -- C:\Windows\System32\drivers\zamguard32.sys
[2017.07.14 22:00:11 | 000,001,693 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.07.14 21:58:48 | 006,589,840 | ---- | M] (Zemana Ltd. ) -- C:\Users\Martin\Desktop\Zemana.AntiMalware.Setup.exe
[2017.07.14 21:34:09 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2017.07.14 21:34:09 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2017.07.14 21:34:03 | 005,216,768 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe
[2017.07.14 21:33:43 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe
[2017.07.14 20:49:50 | 000,024,688 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2017.07.14 18:31:27 | 000,064,800 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mwac.sys
[2017.07.14 18:23:23 | 000,162,240 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMChameleon.sys
[2017.07.14 18:23:16 | 000,040,352 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\mbam.sys
[2017.07.14 18:23:10 | 000,221,600 | ---- | M] (Malwarebytes) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2017.07.13 22:04:05 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.07.13 20:44:26 | 171,309,576 | ---- | M] (Sophos Limited) -- C:\Users\Martin\Desktop\Sophos Virus Removal Tool.exe
[2017.07.12 20:59:02 | 000,001,821 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.07.11 21:15:42 | 065,033,984 | ---- | M] (Malwarebytes ) -- C:\Users\Martin\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
[2017.07.10 12:46:12 | 001,237,796 | ---- | M] () -- C:\Users\Martin\Desktop\windows6.0-kb4012598-x86_13e9b3d77ba5599764c296075a796c16a85c745c (1).msu
[2017.07.03 17:35:15 | 000,296,312 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2017.07.03 17:33:50 | 000,496,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2017.07.03 17:33:50 | 000,202,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStmXP.sys
[2017.07.03 17:33:50 | 000,070,840 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2017.07.03 17:33:49 | 000,070,088 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2017.07.03 17:33:49 | 000,042,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2017.07.03 17:33:30 | 000,774,288 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2017.07.03 17:33:29 | 000,039,752 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys
[2017.06.27 12:06:28 | 000,059,936 | ---- | M] () -- C:\Windows\System32\drivers\mbae.sys
========== Files Created - No Company Name ==========
[2017.07.19 12:57:37 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2017.07.19 12:47:09 | 000,039,609 | ---- | C] () -- C:\Users\Martin\Desktop\Kaspersky.jpg
[2017.07.18 22:43:18 | 000,000,810 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_47064272.lnk
[2017.07.18 19:53:35 | 159,428,216 | ---- | C] () -- C:\Users\Martin\Desktop\Kaspersky_Virus_Removal_Tool_11.0.3.7_[28.08.2014].exe
[2017.07.14 22:00:24 | 000,060,287 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2017.07.14 22:00:23 | 000,046,918 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.07.14 22:00:11 | 000,001,693 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2017.07.14 21:51:39 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2017.07.13 22:04:05 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2017.07.12 20:59:02 | 000,001,821 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.07.12 20:59:00 | 000,059,936 | ---- | C] () -- C:\Windows\System32\drivers\mbae.sys
[2017.07.10 12:46:09 | 001,237,796 | ---- | C] () -- C:\Users\Martin\Desktop\windows6.0-kb4012598-x86_13e9b3d77ba5599764c296075a796c16a85c745c (1).msu
[2017.05.04 20:52:05 | 000,006,354 | ---- | C] () -- C:\Users\Martin\BELICA_MARTIN.p12
[2012.04.29 13:35:47 | 000,002,208 | ---- | C] () -- C:\Users\Martin\.recently-used.xbel
[2011.12.20 22:18:08 | 000,001,568 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader (1).nast
[2011.12.20 22:17:02 | 000,005,814 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader (1).err
[2011.10.09 12:38:22 | 000,248,341 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.err
[2011.08.15 12:47:35 | 000,001,344 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader.nast
[2011.03.21 23:06:48 | 000,220,831 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader[1].err
[2011.02.17 11:11:16 | 000,000,872 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader[2].nast
[2011.02.17 10:15:26 | 000,001,112 | ---- | C] () -- C:\Users\Martin\AppData\Local\SRDownloader[1].nast
[2009.01.04 12:12:20 | 000,000,012 | ---- | C] () -- C:\Users\Martin\intlname.ols
[2008.08.31 15:23:53 | 000,007,887 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\pcouffin.cat
[2008.08.31 15:23:53 | 000,001,144 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\pcouffin.inf
[2008.03.11 18:51:05 | 000,000,757 | ---- | C] () -- C:\Users\Martin\AppData\Roaming\mainhst.zgh
[2008.03.03 08:31:23 | 000,043,008 | ---- | C] () -- C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.29 02:46:08 | 011,588,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.10 23:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.10 23:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.03.10 20:01:57 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ACD Systems
[2009.09.23 19:02:05 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Acoustica
[2008.08.30 19:26:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Any Video Converter
[2014.06.19 08:20:03 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Ashampoo
[2014.04.15 00:38:56 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\AVAST Software
[2008.06.18 16:45:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\COWON
[2008.03.03 08:42:32 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools
[2011.09.03 11:01:43 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
[2014.05.05 23:26:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Deckadance
[2008.03.05 09:19:28 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\GHISLER
[2012.04.29 13:35:29 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\gtk-2.0
[2008.05.10 12:16:13 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ImgBurn
[2009.12.22 00:00:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Juce VST Host
[2011.12.26 17:23:55 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Nokia
[2011.12.26 16:43:58 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PC Suite
[2012.02.26 19:41:17 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\PhotoScape
[2011.03.08 21:49:24 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\TuneUp Software
[2016.07.07 16:55:23 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\uTorrent
[2014.08.02 12:57:31 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Wargaming.net
[2008.08.01 14:26:41 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\XnView
[2008.03.18 20:32:21 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\ZipGenius
[2010.03.04 14:27:42 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\Zoner
[2008.09.23 13:05:25 | 000,000,000 | ---D | M] -- C:\Users\Martin\AppData\Roaming\zweitgeist
========== Purity Check ==========
< End of report >