Please check my log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

desperado007
Level 3.5
Posts: 922
Registered: September 12
Gender: Male
Status: Offline

Re: Please check my log

Post by desperado007 » 18 Apr 2015 08:14

Correction: The download is not caused by a virus; on the notebook the speed is the same. I have a 10mbit/s connection and I measured 4mbit/s, on some days maybe 1mbit/s. The fault is on the provider's side. So the only problem that remains is the mystartsearch search engine. I tried to uninstall it using adwcleaner, as was advised on the net. It always disappeared for a while, but then it showed up again. It was downloaded together with a torrent; avast and WOT report that there is a virus on the page, but it is not possible to get rid of it. The problems that were there before have disappeared: ads, slow loading of the internet and of folders, files going missing, etc.
AMD Ryzen 5 5600
AMD Radeon RX 9060 XT 16GB
Corsair 2x16 GB ddr4 3200 MT/s
HDD WDC WD10EZEX-08M2NA0 1TB
SSD KINGSTON SA2000M8 250 GB
Seasonic Focus Gold 550 W
MSI B450-A PRO (MS-7B86)
Microsoft Windows 11 Professional (x64)


Re: Please check my log

Post by desperado007 » 18 Apr 2015 09:21

One more question regarding ccleaner, what should I use for cleaning?

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 18 Apr 2015 10:03

Yes.

FW: COMODO Firewall (Enabled) {C8870897-C358-086B-2944-184866CC6D0A}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
Two firewalls; uninstall one of them.

Download OTL by OldTimer to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change the setting to All. Tick the "LOP" check and the "Purity" check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Please check my log

Post by desperado007 » 18 Apr 2015 10:25

I don't have the firewall activated in avast; you have to pay for that. So I downloaded Comodo; before that I had the Windows FW. Should I uninstall Comodo and keep Windows?

Re: Please check my log

Post by desperado007 » 18 Apr 2015 10:55

OTL logfile created on: 18.4.2015 10:38:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\despo367\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 46,54% Memory free
11,96 Gb Paging File | 9,26 Gb Available in Paging File | 77,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 239,17 Gb Free Space | 25,68% Space Free | Partition Type: NTFS
Drive H: | 7,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DESPO367-PC | User Name: despo367 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\despo367\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
PRC - C:\Users\despo367\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
PRC - C:\Program Files (x86)\AIMP3\AIMP3.exe (AIMP DevTeam)
PRC - C:\Program Files (x86)\Razer\Razer Cortex\main.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.)
PRC - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.28b9ef5a#\6d8a9ce17e4bddd8756bf603c16a3f48\System.Web.Extensions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\bc2f4911c17035a493aae97f15ecfecd\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\228afa6a0391e75c8a30108d259a7bee\System.Runtime.Remoting.ni.dll ()
MOD - C:\Program Files\AVAST Software\Avast\log.dll ()
MOD - C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\AIMP3\System\Encoders\aimp_libvorbis.dll ()
MOD - C:\Program Files (x86)\AIMP3\System\Encoders\libFLAC.dll ()
MOD - C:\Program Files (x86)\AIMP3\System\libsoxr.dll ()
MOD - C:\Program Files (x86)\AIMP3\Plugins\OptimFROG\OptimFROG.dll ()
MOD - C:\Program Files (x86)\AIMP3\Plugins\aimp_cdda\aimp_cdda.dll ()
MOD - C:\Program Files (x86)\AIMP3\Plugins\aimp_sacd\libsacd.dll ()
MOD - C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll ()
MOD - C:\Program Files (x86)\AIMP3\Plugins\Aorta\Aorta.dll ()
MOD - C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\d18e2115a3270f89663fce831547f534\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\232495ea0368dada2d208c51f0e5349c\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\94c5cba998f28affea3889fcdf99d66c\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\fdcf678445e51ecc9483ff3dfd3dff27\System.Xml.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\14cc73701aac461eb89d6473a88fcd56\System.ServiceModel.Internals.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Security\cf0ef6b155d82593d4606d3ad64a8baf\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\187177229c00aec6dec613ea4b9ff209\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Net.Http\38c4c68111265ea3b0e895d6775437ff\System.Net.Http.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\de2a832558f95db343e443c365bd3575\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\02b219ccf07dd2b05ec7231276d54e7d\System.Dynamic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.SqlXml\fb3fd01dd322371347378c1ee2cdfec0\System.Data.SqlXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\93a0883923e78cc3e80b7ac4a9768c60\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\9e42fe7c83345249b5dde1693d1bf8b5\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\825c2900a23128a2fd3de768abc9b023\PresentationFramework-SystemData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\92edcd808511b7f4b642f922f8ebc31c\PresentationFramework-SystemXmlLinq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\72b116c8a9239819637a2fcbfcbde728\Microsoft.CSharp.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d6ee4ffbd9a86ac1e7b01800b6fe9c7\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\d8223c30928e02bc7ed5b8b81effa7b5\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\1196cc375887ce75f134047505fe19bf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\9bcbefb742496c55841dfcb21be24c6e\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\a48bd2a02ed1ae2fbb79ef8797f0c5f6\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd2f9ea99ac0f984b9dc430824638c9f\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\59dc72440f000eead00c5c580bed26b3\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\9f1f464b854d655c74c8cd4ee5b731bd\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5a977e1f055b4f8f41da5d9142a1913c\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\5e3e26e6c81809aab854ea76a884fde2\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\eb3ba0fe2449d7ca96b51f71b2061cf6\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\61c8a838d217ea8b4f68bbf38172114f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.V9921e851#\f35cee34537c9b5a9c620b697a6dc148\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\23d1162d1943c1b1d6c4fd7c6d8512d4\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\d1265d6159ea876f9d63ea4c1361b587\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\d9ef873b190c9df202c3f9f8a5d38c48\Accessibility.ni.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Avast Software s.r.o.)
SRV:64bit: - (cmdvirth) -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (COMODO)
SRV:64bit: - (CmdAgent) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (OODefragAgent) -- C:\Program Files\OO Software\Defrag\oodag.exe (O&O Software GmbH)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (RzKLService) -- C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (Razer Inc.)
SRV - (Razer Game Scanner Service) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (Avast Software s.r.o.)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswStm.sys (Avast Software s.r.o.)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (Avast Software s.r.o.)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (Avast Software s.r.o.)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswHwid) -- C:\Windows\SysNative\drivers\aswHwid.sys ()
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (Avast Software s.r.o.)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\drivers\ss_mdm.sys (MCCI Corporation)
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\drivers\ss_mdfl.sys (MCCI Corporation)
DRV:64bit: - (ss_bus) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (pcouffin) -- C:\Windows\SysNative\drivers\pcouffin.sys (VSO Software)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys (Secunia)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{057989F8-2E7D-455A-8070-E0423AF73CE4}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_21882
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9C63D76B-9AA2-4752-AA1B-A69130077939}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AF6FBD34-D1B9-4E44-86A0-383C05DE0F15}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\despo367\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll (Ubisoft)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.04.07 17:07:24 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablploimnfndjhngijoeekcoillceikj\2_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.16_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\

O1 HOSTS File: ([2015.04.15 17:35:42 | 000,000,841 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (COMODO)
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe (Razer Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4C37988-84EC-475D-B4C9-C1B88C2D23CF}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SYSTEM32\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.04.18 10:34:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\despo367\Desktop\OTL.exe
[2015.04.17 19:22:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015.04.17 19:17:32 | 000,000,000 | ---D | C] -- C:\Users\despo367\AppData\Local\Secunia PSI
[2015.04.17 17:28:05 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\despo367\Desktop\HijackThis.exe
[2015.04.16 20:26:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ProductData
[2015.04.15 10:06:58 | 003,298,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.04.15 10:06:58 | 000,696,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.04.15 10:06:58 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.04.15 10:06:58 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.04.15 10:06:58 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.04.15 10:06:58 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.04.15 10:06:58 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.04.15 10:06:58 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.04.15 10:06:58 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.04.15 10:06:58 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.04.15 10:06:58 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.04.15 10:06:58 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.04.15 10:06:58 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.04.15 10:06:58 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.04.15 10:06:58 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.04.15 10:06:44 | 001,111,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.04.15 10:06:44 | 000,957,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.04.15 10:06:44 | 000,769,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.04.15 10:06:44 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.04.15 10:06:44 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.04.15 10:06:44 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.04.15 10:06:44 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.04.15 10:06:44 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.04.15 10:06:43 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.04.15 10:06:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015.04.15 10:06:43 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015.04.15 10:06:40 | 005,557,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.04.15 10:06:39 | 003,976,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.04.15 10:06:39 | 003,920,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.04.15 10:06:39 | 001,727,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.04.15 10:06:39 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.04.15 10:06:39 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.04.15 10:06:39 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.04.15 10:06:38 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.04.15 10:06:38 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.04.15 10:06:38 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.04.15 10:06:38 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.04.15 10:06:38 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.04.15 10:06:38 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.04.15 10:06:38 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.04.15 10:06:38 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.04.15 10:06:38 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.04.15 10:06:38 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.04.15 10:06:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.04.15 10:06:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.04.15 10:06:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.04.15 10:06:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.04.15 10:06:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.04.15 10:06:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.04.15 10:06:38 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.04.15 10:06:38 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.04.15 10:06:38 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.04.15 10:06:38 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.04.15 10:06:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.04.15 10:06:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.04.15 10:06:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.04.15 10:06:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.04.15 10:06:38 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.04.15 10:06:38 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.04.15 10:06:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.04.15 10:06:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.04.15 10:06:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.04.15 10:06:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.04.15 10:06:37 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.04.15 10:06:34 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.04.15 10:06:34 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.04.15 10:06:34 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.04.15 10:06:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.04.15 10:06:34 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.04.15 10:06:34 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.04.15 10:06:33 | 000,720,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.04.15 10:06:33 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.04.15 10:06:33 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.04.15 10:06:33 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.04.15 10:06:32 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.04.15 10:06:32 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.04.15 10:06:32 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.04.15 10:06:32 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.04.15 10:06:32 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.04.15 10:06:32 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.04.15 10:06:32 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.04.15 10:06:32 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.04.15 10:06:32 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.04.15 10:06:32 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.04.15 10:06:31 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.04.15 10:06:31 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.04.15 10:06:31 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.04.15 10:06:30 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.04.15 10:06:30 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.04.15 10:06:30 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.04.15 10:06:30 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2015.04.15 10:06:30 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.04.15 10:06:30 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.04.15 10:06:29 | 006,025,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.04.15 10:06:29 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.04.15 10:06:29 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.04.15 10:06:29 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.04.15 10:06:28 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.04.15 10:06:28 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2015.04.15 10:06:28 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.04.15 10:06:28 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.04.15 10:04:11 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015.04.15 10:04:11 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015.04.15 04:58:52 | 000,000,000 | ---D | C] -- C:\Users\despo367\AppData\Roaming\ProductData
[2015.04.15 04:58:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2015.04.15 01:38:01 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2015.04.15 01:38:01 | 000,000,000 | ---D | C] -- C:\Users\despo367\AppData\Local\Temp
[2015.04.14 20:06:48 | 000,778,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.04.14 20:06:48 | 000,142,512 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.04.14 20:06:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2015.04.14 20:06:46 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2015.04.14 18:15:54 | 000,000,000 | ---D | C] -- C:\RegBackup
[2015.04.13 20:38:03 | 000,050,688 | ---- | C] (Atribune.org) -- C:\Users\despo367\Desktop\ATF-Cleaner.exe
[2015.04.07 17:07:45 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.04.07 17:07:37 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.04.04 14:42:43 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015.04.04 14:42:43 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015.04.02 08:06:26 | 000,000,000 | ---D | C] -- C:\Users\despo367\AppData\Roaming\vlc
[2015.04.02 08:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015.03.28 14:01:12 | 000,000,000 | ---D | C] -- C:\Users\despo367\Documents\LocaleMetaData
[2015.01.05 05:55:29 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\despo367\AppData\Roaming\pcouffin.sys

========== Files - Modified Within 30 Days ==========

Re: Please check my log

Post by desperado007 » 18 Apr 2015 10:56

[2015.04.18 10:34:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\despo367\Desktop\OTL.exe
[2015.04.18 08:06:48 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.04.18 08:06:48 | 000,029,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.04.18 07:58:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.04.18 07:58:17 | 521,793,535 | -HS- | M] () -- C:\hiberfil.sys
[2015.04.17 21:25:57 | 001,725,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.04.17 21:25:57 | 000,752,906 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.04.17 21:25:57 | 000,654,984 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.04.17 21:25:57 | 000,194,830 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.04.17 21:25:57 | 000,122,354 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.04.17 21:24:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015.04.17 21:24:29 | 001,002,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll
[2015.04.17 19:22:21 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2015.04.17 17:27:58 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\despo367\Desktop\HijackThis.exe
[2015.04.16 19:57:38 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.04.15 17:35:42 | 000,000,841 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2015.04.15 14:58:13 | 001,700,126 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.04.15 10:06:58 | 003,298,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2015.04.15 10:06:58 | 000,696,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2015.04.15 10:06:58 | 000,566,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2015.04.15 10:06:58 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2015.04.15 10:06:58 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2015.04.15 10:06:58 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2015.04.15 10:06:58 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2015.04.15 10:06:58 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2015.04.15 10:06:58 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2015.04.15 10:06:58 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2015.04.15 10:06:58 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2015.04.15 10:06:58 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2015.04.15 10:06:58 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2015.04.15 10:06:58 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2015.04.15 10:06:58 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wu.upgrade.ps.dll
[2015.04.15 10:06:44 | 001,111,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2015.04.15 10:06:44 | 000,957,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appraiser.dll
[2015.04.15 10:06:44 | 000,769,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\invagent.dll
[2015.04.15 10:06:44 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2015.04.15 10:06:44 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\devinv.dll
[2015.04.15 10:06:44 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2015.04.15 10:06:44 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepic.dll
[2015.04.15 10:06:44 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\acmigration.dll
[2015.04.15 10:06:43 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2015.04.15 10:06:43 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2015.04.15 10:06:43 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2015.04.15 10:06:40 | 005,557,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.04.15 10:06:39 | 003,976,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.04.15 10:06:39 | 003,920,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.04.15 10:06:39 | 001,727,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2015.04.15 10:06:39 | 001,163,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2015.04.15 10:06:39 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2015.04.15 10:06:39 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2015.04.15 10:06:38 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.04.15 10:06:38 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.04.15 10:06:38 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.04.15 10:06:38 | 000,338,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2015.04.15 10:06:38 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.04.15 10:06:38 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.04.15 10:06:38 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2015.04.15 10:06:38 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2015.04.15 10:06:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.04.15 10:06:38 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.04.15 10:06:38 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.04.15 10:06:38 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.04.15 10:06:38 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.04.15 10:06:38 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.04.15 10:06:38 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.04.15 10:06:38 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.04.15 10:06:38 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2015.04.15 10:06:38 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2015.04.15 10:06:38 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2015.04.15 10:06:38 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2015.04.15 10:06:38 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2015.04.15 10:06:38 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.04.15 10:06:38 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.04.15 10:06:38 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2015.04.15 10:06:38 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2015.04.15 10:06:38 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2015.04.15 10:06:38 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2015.04.15 10:06:38 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2015.04.15 10:06:38 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2015.04.15 10:06:37 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.04.15 10:06:37 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.04.15 10:06:37 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.04.15 10:06:37 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.04.15 10:06:37 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.04.15 10:06:34 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.04.15 10:06:34 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.04.15 10:06:34 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.04.15 10:06:34 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.04.15 10:06:34 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.04.15 10:06:34 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.04.15 10:06:33 | 000,720,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.04.15 10:06:33 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.04.15 10:06:33 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.04.15 10:06:33 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.04.15 10:06:32 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.04.15 10:06:32 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.04.15 10:06:32 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.04.15 10:06:32 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.04.15 10:06:32 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.04.15 10:06:32 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.04.15 10:06:32 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.04.15 10:06:32 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.04.15 10:06:32 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.04.15 10:06:32 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.04.15 10:06:31 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.04.15 10:06:31 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.04.15 10:06:31 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.04.15 10:06:30 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.04.15 10:06:30 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.04.15 10:06:30 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.04.15 10:06:30 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.04.15 10:06:30 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.04.15 10:06:29 | 006,025,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.04.15 10:06:29 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.04.15 10:06:29 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.04.15 10:06:29 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.04.15 10:06:28 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.04.15 10:06:28 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.04.15 10:06:28 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.04.15 10:04:11 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\clfsw32.dll
[2015.04.15 10:04:11 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\clfsw32.dll
[2015.04.14 20:06:48 | 000,778,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2015.04.14 20:06:48 | 000,142,512 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2015.04.14 18:34:44 | 000,037,624 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2015.04.14 18:15:56 | 000,000,207 | ---- | M] () -- C:\Windows\tweaking.com-regbackup-DESPO367-PC-Windows-7-Home-Premium-(64-bit).dat
[2015.04.14 18:09:55 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.04.13 20:37:51 | 000,050,688 | ---- | M] (Atribune.org) -- C:\Users\despo367\Desktop\ATF-Cleaner.exe
[2015.04.07 17:07:43 | 000,442,264 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015.04.07 17:07:43 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.04.07 17:07:43 | 000,271,200 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015.04.07 17:07:43 | 000,136,752 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015.04.07 17:07:43 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015.04.07 17:07:43 | 000,088,408 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015.04.07 17:07:43 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015.04.07 17:07:43 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015.04.07 17:07:37 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.04.07 17:07:18 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015.04.02 08:06:17 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015.03.28 14:01:09 | 014,749,696 | ---- | M] () -- C:\Users\despo367\Documents\system.evtx
[2015.03.27 19:28:20 | 000,000,574 | ---- | M] () -- C:\Users\despo367\Documents\cc_20150327_182815.reg

========== Files Created - No Company Name ==========

[2015.04.17 21:24:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2015.04.15 10:06:34 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015.04.15 10:06:33 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015.04.14 18:15:56 | 000,000,207 | ---- | C] () -- C:\Windows\tweaking.com-regbackup-DESPO367-PC-Windows-7-Home-Premium-(64-bit).dat
[2015.04.02 08:06:17 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015.03.28 14:01:00 | 014,749,696 | ---- | C] () -- C:\Users\despo367\Documents\system.evtx
[2015.03.27 19:28:17 | 000,000,574 | ---- | C] () -- C:\Users\despo367\Documents\cc_20150327_182815.reg
[2015.03.02 18:10:37 | 000,003,153 | ---- | C] () -- C:\Program Files (x86)\visit-nosteam.ro.html
[2015.03.02 18:10:37 | 000,000,084 | ---- | C] () -- C:\Program Files (x86)\update-witcher2.bat
[2015.02.01 21:00:17 | 000,000,732 | ---- | C] () -- C:\Program Files (x86)\visit-www.nosteam.ro.html
[2015.01.16 21:26:04 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2015.01.16 21:26:02 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2015.01.05 05:56:10 | 000,000,671 | ---- | C] () -- C:\Users\despo367\AppData\Roaming\vso_ts_preview.xml
[2015.01.05 05:55:29 | 000,099,384 | ---- | C] () -- C:\Users\despo367\AppData\Roaming\inst.exe
[2015.01.05 05:55:29 | 000,007,859 | ---- | C] () -- C:\Users\despo367\AppData\Roaming\pcouffin.cat
[2015.01.05 05:55:29 | 000,001,167 | ---- | C] () -- C:\Users\despo367\AppData\Roaming\pcouffin.inf
[2014.12.21 17:15:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014.11.20 22:35:00 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014.11.09 11:26:54 | 000,000,000 | ---- | C] () -- C:\Users\despo367\.gtk-bookmarks
[2014.08.27 19:49:41 | 001,700,126 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.08.12 05:09:50 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014.08.12 05:09:50 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014.08.12 03:51:00 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014.08.12 03:51:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.03.11 19:58:53 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.03.11 19:58:53 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.04.18 10:42:33 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\AIMP3
[2015.01.16 23:54:13 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\AMD
[2014.08.28 18:10:02 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\Ashampoo
[2014.08.27 20:11:12 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\AVAST Software
[2015.02.11 18:27:33 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\DAEMON Tools Lite
[2014.09.22 21:25:31 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\DarkSoulsII
[2015.01.23 09:06:11 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\IObit
[2014.12.11 21:12:49 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\LG DVX162 user guide
[2014.12.21 17:51:17 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\library_dir
[2015.03.11 13:40:49 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\LolClient
[2014.09.11 18:02:50 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\MKKE
[2014.08.28 19:22:40 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\MPC-BE
[2015.04.15 04:58:52 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\ProductData
[2015.03.11 10:27:42 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\Riot Games
[2015.04.16 20:27:58 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\Seznam.cz
[2014.08.28 06:51:48 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\Unity
[2015.04.18 10:43:27 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\uTorrent
[2014.08.27 19:11:55 | 000,000,000 | ---D | M] -- C:\Users\despo367\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xinput1_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xinput1_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xinput1_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_7.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_6.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_5.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAudio2_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_5.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\XAPOFX1_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_7.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_6.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_5.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine3_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_9.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_8.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_7.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_6.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_5.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_10.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\xactengine2_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_7.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_6.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_5.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_4.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\X3DAudio1_2.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\x3daudio1_1.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\x3daudio1_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wvc1dmod.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuwebv.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wups.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wudriver.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuapp.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wuapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WsmWmiPl.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WsmSvc.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WsmAuto.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WSManMigrationPlugin.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WSManHTTPConfig.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wow32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wmploc.DLL:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WMPhoto.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wmp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wmdrmsdk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wintrust.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wininet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\WindowsCodecs.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wdigest.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\wdi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\vp7vfw.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\vbscript.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\user.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\urlmon.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\tzres.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\tspkg.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\sspicli.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\srclient.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\spwmp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\sipr3260.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\schannel.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\shell32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\setup16.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\secur32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\scesrv.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\rrinstaller.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\quartz.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\qdvd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\PnkBstrB.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\PnkBstrB.ex0:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\PnkBstrA.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\Pncrt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\oleaut32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ntvdm64.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ntoskrnl.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ntkrnlpa.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ntdll.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ncrypt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msxml3r.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msxml3.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msv1_0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msscp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msrating.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msobjs.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msnetobj.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtmlmedia.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtmled.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\MshtmlDac.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mshtml.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msfeeds.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msdxm.ocx:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msctf.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\msaudite.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mfps.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mfpmp.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mfplat.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mferror.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\mf.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\lpk.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\KernelBase.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\kernel32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\kerberos.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jsproxy.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jscript9diag.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\jscript9.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\JavaScriptCollectionAgent.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\instnm.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\inetcpl.cpl:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieUnatt.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iesetup.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iertutil.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iernonce.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieframe.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieetwproxystub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\iedkcs32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\ieapfltr.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\gdi32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\fontsub.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\FlashPlayerApp.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\evr.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dxtrans.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dxtmsft.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dxmasf.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\drv43260.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\drv33260.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\drv23260.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\drmv2clt.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\drmmgrtn.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\dciman32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_42.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_41.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_40.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_39.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_38.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DX9_37.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_36.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_35.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_34.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_33.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_31.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_30.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_29.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_28.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_27.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_26.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_25.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx9_24.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx11_42.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_42.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_41.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_40.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_39.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_38.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_37.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_36.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_35.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_34.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10_33.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dx10.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dcsx_43.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\d3dcsx_42.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_42.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_41.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_40.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_39.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_38.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_37.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_36.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_35.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_34.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\D3DCompiler_33.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptui.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptsvc.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptsp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cryptnet.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\crypt32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\credssp.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\cook3260.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\clfsw32.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\blackbox.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\auditpol.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\AudioSes.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\AUDIOKSE.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\AudioEng.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\atmlib.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\atmfd.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\appidapi.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\apisetschema.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\SysWow64\adtschema.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\msvcr70.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\msvcp70.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\msvbvm60.dll:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Windows\avastSS.scr:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\despo367\Desktop\OTL.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\despo367\Desktop\HijackThis.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\despo367\Desktop\ATF-Cleaner.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Users\despo367\AppData\Roaming\inst.exe:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\update-witcher2.bat:$CmdTcID
@Alternate Data Stream - 64 bytes -> C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe:$CmdTcID
@Alternate Data Stream - 26 bytes -> C:\Users\despo367\Desktop\OTL.exe:$CmdZnID
@Alternate Data Stream - 26 bytes -> C:\Users\despo367\Desktop\HijackThis.exe:$CmdZnID
@Alternate Data Stream - 26 bytes -> C:\Users\despo367\Desktop\ATF-Cleaner.exe:$CmdZnID

< End of report >

Re: Please check my log

Post by desperado007 » 18 Apr 2015 11:00

OTL Extras logfile created on: 18.4.2015 10:38:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\despo367\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17728)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

5,98 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 46,54% Memory free
11,96 Gb Paging File | 9,26 Gb Available in Paging File | 77,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 239,17 Gb Free Space | 25,68% Space Free | Partition Type: NTFS
Drive H: | 7,07 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: DESPO367-PC | User Name: despo367 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07D3F58D-619F-45B7-8328-50B82E518829}" = lport=137 | protocol=17 | dir=in | app=system |
"{12AAF8DA-6C21-4C01-B1AF-C560DCEEAB46}" = rport=10243 | protocol=6 | dir=out | app=system |
"{225AD235-C658-4F49-8F97-5BB5E3369426}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{30FF7F59-A0B4-432C-88E0-42AE2B3EDCDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{41E4FC25-3846-4904-9286-6F63317A3961}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4BB39F57-EEAA-4464-A661-4983169FF1C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4BD9768E-BD71-499B-BBE6-15ACA29C51CB}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{5423BE34-674C-46A1-9C26-7CF76D09FB5B}" = rport=137 | protocol=17 | dir=out | app=system |
"{58AD881E-5E58-49BC-9135-C82275E9EF28}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6EFE29CC-1203-4C92-B579-25981A8CDFB6}" = lport=138 | protocol=17 | dir=in | app=system |
"{77C60B15-5EEE-4C24-9036-15E46658AE27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7B06E5FA-8796-49B2-8E3F-5E6FC41D0B43}" = lport=445 | protocol=6 | dir=in | app=system |
"{7D570413-5696-4F88-9573-727A94E3E050}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0A61BD9-DA84-40F4-9480-8E5AE997937D}" = rport=139 | protocol=6 | dir=out | app=system |
"{A28AE130-4C90-4094-9605-EEEEED3BCE62}" = lport=139 | protocol=6 | dir=in | app=system |
"{AC73A7CD-E736-4C8D-896C-66B7B5B4DF68}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{ADC4B121-D601-4262-8A3B-C2B99E77568A}" = rport=138 | protocol=17 | dir=out | app=system |
"{ADE96195-63DB-40D8-8566-3A97C7B081F3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C341E1FF-9DE6-4A7B-92C2-D84B5EC7DFB7}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C50BF86F-7F23-4B71-9B70-2A421330DBAA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{D168D73C-5158-4E9E-8181-FB5C98C82293}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E1CCC5AF-236C-4559-A471-269032F66BCD}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08FECD75-27CE-4DBF-BD63-8D06BCB8EAD5}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0A5F8D4F-C58F-4A4A-B153-2279E58B5F00}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{0ACAA86B-F20C-4478-88F9-BB01C6193A19}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{0EFECD27-1853-4635-ACA6-7900CD28AE20}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{17391054-78A5-49B1-BE71-8642A3D3A278}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{1ACA8229-B326-48BD-8B24-FD5C832F6AEA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2276A5C8-BB4A-4911-92D9-DDD19E37D66E}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{35161F4C-9EB7-4154-8538-DEBF12E31C44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{35DF832E-35E4-4DEB-81F5-D660AE81E138}" = protocol=6 | dir=in | app=c:\mass effect 3\binaries\win32\masseffect3.exe |
"{36242F9C-9063-49D5-9255-EE4DF3C49C98}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{39AEC4BB-9339-4C5E-B8C0-E3EF0E5E315B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3B512CDF-2B45-45ED-8E79-885DE9376A31}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{41326910-9155-4921-8B2E-CFFAA2D7C5F5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{541B5616-61A4-4102-BD47-FA52BB916A3F}" = protocol=17 | dir=in | app=c:\users\despo367\appdata\roaming\utorrent\utorrent.exe |
"{6D9184CC-4824-479B-BE07-11E1F4957EEC}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{74C90A16-ADB8-4FCA-8614-F7BB83E18D5B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{79C9B240-25F6-49B1-AE14-A86C629BD54F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{82055163-DB79-4A43-B16A-CFD0C780ED80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{89410684-B457-40EC-80B0-CBFB0C8D94B6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{896C0C3D-7CAF-4318-87CA-3D1856DD2C10}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{8ECC80C2-ACE0-4638-9A83-787832CBA85B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A34BD7CB-B84E-4F95-ADF4-6CFDFFB5B67F}" = protocol=6 | dir=in | app=c:\users\despo367\appdata\roaming\utorrent\utorrent.exe |
"{A40F3918-50E3-4932-BED9-A7162DC7DF00}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{A5C3C386-03DF-47CF-A4B6-DD047E912DB7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A8B7ECF4-23BD-4E96-A5EF-ECB5D7B22B67}" = protocol=6 | dir=in | app=c:\games (x86)\crysis 3\bin32\crysis3.exe |
"{AEC2156C-32F9-49FA-A74A-EB552CB82135}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B130A782-33DB-4901-BFAD-C57368E58A40}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3_d3d11.exe |
"{B2E354B9-6676-4023-A110-64AABA7FF40F}" = protocol=17 | dir=in | app=c:\games (x86)\crysis 3\bin32\crysis3.exe |
"{B6828FEB-6B4D-4EF8-B797-DE9EF8820FCF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B68499F5-BDED-4A9E-9BF1-1C1DED991249}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3editor.exe |
"{B7454BA3-C0C5-48B4-A48A-CA100C1FF9BB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCA28DDE-55DB-4A6D-A6D0-D0EEBCE0C33D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C0BB68CF-ACF2-4435-B74B-D1BC01B64170}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{C31FE289-7E83-40B7-95B3-6960BA75F475}" = protocol=6 | dir=out | app=system |
"{C7B1C8A1-DC7F-44C6-81FD-C66324A498BC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF693C20-EBB4-461F-AD96-92AA11944150}" = protocol=17 | dir=in | app=c:\mass effect 3\binaries\win32\masseffect3.exe |
"{D785C240-40E0-4970-BB9C-65739C24EDDC}" = protocol=6 | dir=in | app=c:\program files (x86)\gameforgelive\gfl_client.exe |
"{E1218FFD-083D-4884-A236-E128F1D38DA2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E6C58A9C-F8A8-431A-9D57-906CC02142B0}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\farcry3.exe |
"{F4C65660-912B-43E7-94AA-46F2674A2ACA}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\farcry 3\bin\fc3updater.exe |
"{FDEE419F-2258-4C0E-903F-E1C5AB04D7F0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{4B9AA9FC-E0AA-40C7-A5EA-A0343E6FC876}C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe |
"TCP Query User{635BA5A9-FCF9-4B0B-A5B4-A0B0538B573B}C:\counter-strike 1.6\csko.exe" = protocol=6 | dir=in | app=c:\counter-strike 1.6\csko.exe |
"TCP Query User{F0378343-A5C1-4213-98C9-07F3BE011062}C:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe" = protocol=6 | dir=in | app=c:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe |
"UDP Query User{25595874-DF13-4184-8FEB-279D78C226FA}C:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\kingdoms of amalur reckoning\reckoning.exe |
"UDP Query User{48101C33-E6C3-4A6A-AB76-3D81CFB22E0A}C:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe" = protocol=17 | dir=in | app=c:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe |
"UDP Query User{6E671F93-B15D-4712-B8AF-301C06F0B3E9}C:\counter-strike 1.6\csko.exe" = protocol=17 | dir=in | app=c:\counter-strike 1.6\csko.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding
"{18F14F4B-D8A9-4309-817E-3BC0B7664E53}" = COMODO Firewall
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{426582A8-202F-D13C-8BD5-F00551BAFC93}" = AMD Wireless Display v3.0
"{5FC3AA31-66F9-0844-0B77-D51DAD5E1293}" = ccc-utility64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F2415FA-72F2-F029-0450-4EB2FAE484C5}" = AMD Accelerated Video Transcoding
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029" = Microsoft .NET Framework 4.5.2 (čeština)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}" = O&O Defrag Free Edition
"{C48AF3CF-C632-3C19-838E-7DAB7283D46A}" = Microsoft .NET Framework 4.5.2 (CSY)
"{C8118019-96B5-42FB-9A45-5D82D1CB62EE}" = AxCrypt 1.7.2867.0
"{CB8B2273-EEE7-03ED-D92F-953F801C5AFF}" = AMD Wireless Display v3.0
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{F2A7CE36-57BF-5C86-952D-90DBF3746D82}" = AMD Catalyst Install Manager
"{FE09AF6D-78B2-4093-B012-FCDAF78693CE}_is1" = MPC-BE x64 1.4.3.5001
"HWiNFO64_is1" = HWiNFO64 Version 4.50
"MediaInfo" = MediaInfo 0.7.72
"WinRAR archiver" = WinRAR 5.10 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01712CA4-357E-B173-896C-75F612318729}" = CCC Help Japanese
"{01DEE6F4-E8AD-56B3-23CD-85CE71C08C57}" = CCC Help Danish
"{0203374B-2FFF-346D-0CC3-CACA1E85AD2C}" = CCC Help Greek
"{0F659036-14C7-4622-9505-35A0DC93526A}" = System Requirements Lab
"{0FE3F13F-8A37-46BA-F973-762F81E833C3}" = CCC Help French
"{11074A02-0E73-7CD6-5A95-42B3EF438B7E}" = CCC Help Portuguese
"{11087D24-567D-7D88-69C6-D7A08B5F4C47}" = Catalyst Control Center - Branding
"{13309695-DDAB-4DAA-FE9A-EE3DCCDC8D19}" = CCC Help Czech
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1543E140-FADF-9E99-D388-4435C2FBC55E}" = CCC Help Chinese Standard
"{22154f09-719a-4619-bb71-5b3356999fbf}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{253B90F3-7907-FB4B-7A62-6DE51B7A905D}" = CCC Help Chinese Traditional
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{26A24AE4-039D-4CA4-87B4-2F83218045F0}" = Java 8 Update 45
"{2C9A2369-162D-7AD7-D50F-5F59CEC8A046}" = CCC Help Danish
"{2D61415B-F99C-8161-F452-760B6E441428}" = CCC Help Hungarian
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{339647D6-A277-974F-FF29-83CA6284559B}" = CCC Help German
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{3FDC2029-3012-C74C-9036-9E7C942EB0A2}" = CCC Help Thai
"{4198AE83-A3C6-4C41-85C8-EC63E990696E}" = Crysis®3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A449AED-BFFA-A416-99F2-BF2462968370}" = CCC Help Italian
"{4BD8FB0D-9407-429D-C412-FAE0A318A8AE}" = CCC Help Polish
"{4D594F78-0C6D-1442-61CC-94D735FEC05D}" = CCC Help English
"{5958C669-28BF-D667-A004-E6FBF448027D}" = CCC Help Spanish
"{5F3E61A8-6465-4F78-B6BC-758A8FCDA736}" = CCC Help French
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{637B1239-84B7-0B0F-2549-7020CA57C831}" = CCC Help Thai
"{661456B2-8102-D50F-CACD-7D7290716644}" = AMD Catalyst Control Center
"{69F64374-D859-E478-3BE7-DF995BB45A72}" = CCC Help Chinese Standard
"{6A9D1594-7791-48f5-9CAA-DE9BCB968320}" = Mass Effect™ 3
"{6AE0A655-9BB8-460E-1956-ED37E3B221FA}" = CCC Help Greek
"{6B254D2F-6F6F-5455-DD3B-E71E5C1C0C9A}" = AMD Catalyst Control Center
"{6B84E528-9705-4D36-9C97-97B8E23DAB75}" = League of Legends
"{6D2EFF3B-B191-4B1F-8ABF-C4A8028DB8CF}" = Alcor Micro USB Card Reader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7481E13B-EC16-1B14-0E32-E88165CD4C57}" = Catalyst Control Center Graphics Previews Common
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.4.7.121
"{7ABA4B54-3672-0548-C1CC-97405F767061}" = CCC Help Russian
"{7BF6AB6F-353B-6F9A-98D7-682429B63197}" = Catalyst Control Center InstallProxy
"{7FE73251-50FA-E864-67EB-19C4BC7AA1C9}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{842F265F-32FE-C610-78DA-F5CE882EFA32}" = CCC Help English
"{85579986-337B-C4C3-E86D-8E39F1D2A4A8}" = CCC Help Hungarian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{894CBED0-8225-D59B-5632-D01B14C6D520}" = CCC Help Norwegian
"{8BD7C51C-0CC4-3E28-CFDC-F7D4C5583783}" = CCC Help Finnish
"{8ECCC07B-83E3-3877-26DF-815CD2B30749}" = CCC Help Italian
"{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile
"{91B33C97-91F8-FFB3-581B-BC952C901685}_is1" = Ashampoo Burning Studio FREE v.1.14.5
"{925ADFF9-CFF2-57DC-1D09-664BE1306998}" = CCC Help Korean
"{940CFCDC-086A-E320-21DF-8AEB71D6F817}" = CCC Help Norwegian
"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX
"{971F06EE-6075-B8CE-115E-D2C74BE124C1}" = CCC Help Dutch
"{988949CE-DE9A-D187-A010-22B9085FB813}" = CCC Help Swedish
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A838EB7-B0EE-F822-FE93-5B38B04C6E18}" = CCC Help Russian
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 2.0.5
"{9F609522-2B52-5EC4-6E5F-070E5EB47275}" = Catalyst Control Center Graphics Previews Common
"{9F850990-19CD-8CF4-D772-F84ECAAFEB7A}" = CCC Help Turkish
"{A85092B2-8FB5-5A8C-B27A-69A3D78979D8}" = CCC Help Korean
"{A8EF51A6-F00D-6050-81F3-0AF338B81B04}" = CCC Help Polish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Czech
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B1977E93-5FC0-0BA4-2D5A-D3E69870C7D4}" = CCC Help Chinese Traditional
"{B9372168-0CCC-3F40-B16F-A7AF1DB67149}" = CCC Help Finnish
"{BBC9BF50-A35D-B0C2-9117-F3CA2F6BB64A}" = CCC Help Czech
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CACB117C-8574-E9EA-C605-84673E9A7DDF}" = CCC Help Spanish
"{D0FD2FF9-1BE9-E729-3878-9A603B5F1529}" = Catalyst Control Center Localization All
"{D94F2DE6-55B4-B211-A381-54089BC791A0}" = CCC Help Japanese
"{DC7734A3-535B-6FC6-39EE-A62E71FCAE63}" = Catalyst Control Center Localization All
"{DD131D15-2FD4-B0B1-6F7F-2312CBE77799}" = CCC Help Swedish
"{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}" = Far Cry 3
"{EEFDBD75-0BD9-AC5F-8F61-903C6A19C0ED}" = CCC Help Dutch
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5663E7F-79CA-4022-8B39-D855A4E0BF58}" = Manažer napájení
"{F8135163-F185-895A-C4CD-AB316D585030}" = CCC Help German
"{FB415F81-DC5E-ED99-D2FE-3DC4D88BCA58}" = CCC Help Turkish
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"4Story_CZ_is1" = 4Story CZ 4.4.145
"AC3Filter_is1" = AC3Filter 2.0a
"Adobe Flash Player ActiveX" = Adobe Flash Player 17 ActiveX
"AIMP3" = AIMP3
"Avast" = Avast Free Antivirus
"CrystalDiskInfo_is1" = CrystalDiskInfo 6.1.14
"DAEMON Tools Lite" = DAEMON Tools Lite
"Drakensang Online" = Drakensang Online
"FormatFactory" = FormatFactory 3.5.0.0
"Google Chrome" = Google Chrome
"InstallShield_{6D2EFF3B-B191-4B1F-8ABF-C4A8028DB8CF}" = Alcor Micro USB Card Reader
"Kingdoms of Amalur Reckoning_is1" = Kingdoms of Amalur Reckoning
"League of Legends 3.0.1" = League of Legends
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware verze 2.0.4.1028
"PunkBusterSvc" = PunkBuster Services
"Razer Cortex_is1" = Razer Cortex
"Secunia PSI" = Secunia PSI (3.0.0.9016)
"Splinter Cell CZ 1.0_is1" = Splinter Cell CZ 1.0
"TechPowerUp GPU-Z" = TechPowerUp GPU-Z
"VLC media player" = VLC media player

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Counter-Strike 1.6_is1" = Counter-Strike 1.6 v42
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.4.2015 2:43:13 | Computer Name = despo367-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 16.4.2015 10:58:42 | Computer Name = despo367-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2015 14:37:40 | Computer Name = despo367-PC | Source = VSS | ID = 8194
Description =

Error - 16.4.2015 14:41:11 | Computer Name = despo367-PC | Source = WinMgmt | ID = 10
Description =

Error - 16.4.2015 18:37:37 | Computer Name = despo367-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 16.4.2015 19:43:45 | Computer Name = despo367-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 17.4.2015 12:40:20 | Computer Name = despo367-PC | Source = WinMgmt | ID = 10
Description =

Error - 17.4.2015 13:31:27 | Computer Name = despo367-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 17.4.2015 14:06:16 | Computer Name = despo367-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =

Error - 18.4.2015 1:59:07 | Computer Name = despo367-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 17.4.2015 16:57:52 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 18.4.2015 1:59:11 | Computer Name = despo367-PC | Source = PNRPSvc | ID = 102
Description =

Error - 18.4.2015 1:59:11 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 18.4.2015 1:59:11 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = PNRPSvc | ID = 102
Description =

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = PNRPSvc | ID = 102
Description =

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7023
Description = Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena
s následující chybou: %%-2140993535

Error - 18.4.2015 1:59:21 | Computer Name = despo367-PC | Source = Service Control Manager | ID = 7001
Description = Služba Seskupování v sítích peer-to-peer závisí na službě Protokol
PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující
chyby: %%-2140993535


< End of report >

Orcus
Security team member

Posted by Orcus » 19 Apr 2015 09:04

Get a legal copy of Office and delete all the cracks you have stashed anywhere, otherwise there is no point in cleaning any further. :thumbdown:

C:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe


Keep the Comodo FW, that is also a solution. However, it is evident that you don't have just the FW from Comodo, but the whole COMODO Internet Security. So I would lean more towards the Windows FW, which is more than enough.

Permanently deactivate Windows Defender.

Test these files on VirusTotal and post the links:

Code:

C:\Users\despo367\AppData\Roaming\pcouffin.sys
C:\Program Files (x86)\update-witcher2.bat
C:\Users\despo367\AppData\Roaming\inst.exe


Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.cz/
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{057989F8-2E7D-455A-8070-E0423AF73CE4}: "URL" = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_21882
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9C63D76B-9AA2-4752-AA1B-A69130077939}: "URL" = https://www.google.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{AF6FBD34-D1B9-4E44-86A0-383C05DE0F15}: "URL" = https://www.google.com/search?q={searchTerms}
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\despo367\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll (Ubisoft)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.04.07 17:07:24 | 000,000,000 | ---D | M]
CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\ablploimnfndjhngijoeekcoillceikj\2_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\2.5.16_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_1\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.417.10417_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\despo367\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
O4:64bit: - HKLM..\Run: [OODefragTray] C:\Program Files\OO Software\Defrag\oodtray.exe (O&O Software GmbH)
O13 - gopher Prefix: missing
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\users\despo367\downloads\microsoft office 2013 professional plus activation crack\microsoft toolkit 2.4.5.exe

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]



Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

desperado007

Posted by desperado007 » 19 Apr 2015 20:56

Hello. So the cleaning is done. Since Windows wouldn't load this morning, I got pissed off, formatted the HDD and reinstalled Win7. Anyway, thanks a lot for the help. I installed avast and the Windows FW. Can you still recommend something for cleaning, since you rejected CCleaner?

mople71

Posted by mople71 » 19 Apr 2015 21:10

OK, thanks for the info. ;)


The one built into Windows is more than enough:

Code:

cleanmgr.exe


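Then you can make a little script for occasionally deleting the temp files:

Code:

rem Delete files under the user's temp folder; paths are quoted in case they contain spaces
del /s /f /q "%TEMP%"
del /s /f /q "%TMP%"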


Nothing else is needed. ;)

desperado007

Posted by desperado007 » 20 Apr 2015 05:15

OK, thanks

jaro3
Security team member

Posted by jaro3 » 20 Apr 2015 09:13

If there are no problems, that's all, and you can mark it as solved with the green check mark.