Prosím o kontrolu logu

Zpráva

HinataCode · #1 Příspěvek od **HinataCode** » 16 zář 2015 10:05

Ahoj, ve Správci úloh mám tyto aplikace, taskmgr.exe a winlogon.exe. Dočetl jsem se, že to jsou viry a pc pomalu nabíhá.

Logfile of random's system information tool 1.10 (written by random/random)
Run by yourfragged at 2015-09-16 10:56:24
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 252 GB (53%) free of 477 GB
Total RAM: 2047 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:56:30, on 16.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.18487)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Game\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Game\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.255\deploy\LoLLauncher.exe
C:\Game\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.39\deploy\LoLPatcher.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\LolClient.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\yourfragged.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 304F50CB37
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Spyware Terminator 2015 Internet Guard - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
O4 - HKLM\..\Run: [Avira System Speedup] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe -autorun
O4 - HKLM\..\Run: [Speedup_umh] C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - Unknown owner - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8025 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\Antivirus\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Avira\Antivirus\avguard.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Avira\Antivirus\avshadow.exe" avshadowcontrol0_0000064c
"C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Avira\Antivirus\avgnt.exe" /min
"C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe" /connectToHost
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Game\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe" updateandrun lol_launcher LoLLauncher.exe
LoLLauncher.exe
"C:/Game/Riot Games/League of Legends/RADS/projects/lol_patcher/releases/0.0.0.39/deploy/LoLPatcher.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /INSTALL
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
"C:/Game/Riot Games/League of Legends/RADS/projects/lol_air_client/releases/0.0.1.160/deploy//LolClient.exe" -runtime .\ -nodebug META-INF\AIR\application.xml .\ -- 8393

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2116.0.1119317737\589333784" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x05e2 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.4144 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/Control/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_63/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="2116.2.676238061\1271158333" --font-cache-shared-handle=2184 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group13 pct:1d stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/Control/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_63/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_08/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="2116.6.905951778\995807897" --font-cache-shared-handle=3532 /prefetch:673131151
"C:\Users\yourfragged\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AviraSpeedup.job - C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe -autorun
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cfcd039fedc346.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cff06cd5d6b965.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0001bc8605a44.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d041b2607ada82.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d08f3eb8924b50.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0bfce628073fe.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e58944b5949e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\RDReminder.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -rem

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~2.DLL [2015-09-03 2013520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-04 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}]
Spyware Terminator 2015 Internet Guard - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [2015-09-03 1255248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-04 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2014-05-30 1279480]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2014-10-14 12697368]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-09 13672152]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-09-03 3884368]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-09-03 5473104]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Programy\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-08-19 2899136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7]
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt]
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Avira Systray]
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Programy\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorShield]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2015-09-03 3884368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminatorUpdater]
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2015-09-03 5473104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Avira SystrayStartTrigger"=C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [2015-08-13 66936]
"avgnt"=C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2015-08-06 782008]
"Avira System Speedup"=C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25 10628240]
"Speedup_umh"=C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [2015-08-25 194832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.RTV1"=rtvcvfw64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-16 10:40:40 ----D---- C:\FRST
2015-09-15 22:40:10 ----D---- C:\Users\yourfragged\AppData\Roaming\Avira
2015-09-15 22:35:35 ----D---- C:\Users\yourfragged\AppData\Roaming\Mozilla
2015-09-15 22:30:31 ----A---- C:\Windows\system32\drivers\avnetflt.sys
2015-09-15 22:30:31 ----A---- C:\Windows\system32\drivers\avkmgr.sys
2015-09-15 22:30:30 ----A---- C:\Windows\system32\drivers\avipbb.sys
2015-09-15 22:30:30 ----A---- C:\Windows\system32\drivers\avgntflt.sys
2015-09-15 22:27:44 ----D---- C:\ProgramData\Avira

======List of files/folders modified in the last 1 month======

2015-09-16 10:56:29 ----D---- C:\Windows\Temp
2015-09-16 10:56:29 ----D---- C:\Program Files\trend micro
2015-09-16 10:54:28 ----D---- C:\Windows\Prefetch
2015-09-16 10:54:20 ----D---- C:\rsit
2015-09-16 10:44:03 ----D---- C:\Windows
2015-09-16 10:29:41 ----D---- C:\ProgramData\Spyware Terminator
2015-09-16 10:23:35 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-09-16 10:04:58 ----D---- C:\Program Files (x86)\Steam
2015-09-16 10:00:36 ----D---- C:\Windows\system32\catroot2
2015-09-16 09:59:05 ----D---- C:\ProgramData\NVIDIA
2015-09-16 01:23:59 ----D---- C:\Windows\system32\catroot
2015-09-16 00:59:02 ----D---- C:\Windows\inf
2015-09-16 00:46:49 ----D---- C:\Windows\Tasks
2015-09-16 00:32:06 ----SHD---- C:\Windows\Installer
2015-09-16 00:32:04 ----SHD---- C:\Config.Msi
2015-09-16 00:31:59 ----RD---- C:\Program Files (x86)
2015-09-16 00:24:25 ----SHD---- C:\System Volume Information
2015-09-15 23:56:34 ----D---- C:\Windows\Panther
2015-09-15 23:56:33 ----D---- C:\Windows\system32\Msdtc
2015-09-15 23:56:33 ----D---- C:\Windows\system32\config
2015-09-15 23:56:33 ----D---- C:\Windows\System32
2015-09-15 23:56:33 ----D---- C:\Windows\Logs
2015-09-15 23:56:33 ----D---- C:\Users\yourfragged\AppData\Roaming\uTorrent
2015-09-15 23:56:33 ----D---- C:\ProgramData\NVIDIA Corporation
2015-09-15 23:56:33 ----D---- C:\ProgramData\Logs
2015-09-15 23:56:33 ----D---- C:\ProgramData\GarenaMessenger
2015-09-15 23:56:33 ----D---- C:\Program Files (x86)\TeamSpeak 3 Client
2015-09-15 23:56:33 ----D---- C:\Program Files (x86)\MSI Kombustor 2.5
2015-09-15 23:55:59 ----D---- C:\Windows\SYSWOW64\LogFiles
2015-09-15 23:55:59 ----D---- C:\Windows\system32\LogFiles
2015-09-15 23:40:16 ----RSD---- C:\Windows\Fonts
2015-09-15 23:40:12 ----D---- C:\Program Files (x86)\Avira
2015-09-15 22:32:53 ----D---- C:\Windows\system32\drivers
2015-09-15 22:27:44 ----HD---- C:\ProgramData
2015-09-15 22:27:32 ----D---- C:\ProgramData\Package Cache
2015-09-15 00:26:46 ----D---- C:\Games
2015-09-15 00:26:14 ----D---- C:\Program Files (x86)\The Wolf Among Us Episode 2
2015-09-14 12:05:54 ----D---- C:\Windows\system32\NDF
2015-09-05 22:10:40 ----A---- C:\Windows\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2013-05-22 17720]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2015-08-06 141416]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2015-08-06 28600]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-07 283200]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2015-08-06 162528]
R2 avnetflt;avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [2015-08-06 44088]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2014-07-15 43168]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-07-17 51496]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-14 3962840]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\LGBusEnum.sys [2009-11-24 22408]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; C:\Windows\system32\drivers\LGVirHid.sys [2009-11-24 16008]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-03-31 40392]
R3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver; C:\Windows\system32\DRIVERS\Rtnic64.sys [2009-06-10 51712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-20 883928]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2014-07-15 310728]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Progamy\Garena Plus\Room\safedrv.sys []
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
S3 Razerlow;Razer Pro|Solutions; C:\Windows\system32\drivers\Razerlow.sys [2013-11-20 11136]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-19 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-11-19 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-11-19 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-11-19 30208]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinRing0_1_2_0;WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2015-08-06 461672]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\Antivirus\sched.exe [2015-08-06 461672]
R2 Avira.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-08-13 228104]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-02-04 932040]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2015-09-03 3037520]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-02-04 409800]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2015-08-06 887128]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2015-08-06 1213072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe []
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-02 144200]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-08 569024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

#2 Příspěvek od **vyosek** » 16 zář 2015 10:30

Zdravim

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na OTL pravym a dejte Run As Administrator ci Spustit jako spravce
Pokud pouzivate 64bitovy OS, zkontrolujte, zda-li je zaskrtnuty ctverecek u Pro 64 bitové OS, pokud ne, zaskrtnete jej
Zaskrtnete okenko Pro vsechny uzivatele
Zaskrtnete okenko Kontrola na havet "LOP"
Zaskrtnete okenko Kontrola na havet "Purity"
Stari souboru zmente z 30 dnu na 7 dnu
Do spodniho okenka Vlastni skenovani/opravy vlozte skript nize

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5 

*crack* /s
*keygen* /s
*loader* /s

Kliknete na tlacitko Prohledat
Po dokonceni skenu (cca 10 az 15 min) se objevi logy OTL.txt a Extras.txt, oba sem vlozte
Pokud budou logy dlouhe (forum bude kricet o prekroceni maximalniho poctu znaku), tak je rozdelte do vice prispevku

HinataCode · #3 Příspěvek od **HinataCode** » 17 zář 2015 11:00

Udělal jsem vše jak jste po mě chtěl, ale vyjel mi pouze tenhle log

OTL logfile created on: 17.9.2015 11:06:03 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\yourfragged\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

2,00 Gb Total Physical Memory | 0,30 Gb Available Physical Memory | 15,08% Memory free
4,00 Gb Paging File | 1,13 Gb Available in Paging File | 28,28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 244,38 Gb Free Space | 52,48% Space Free | Partition Type: NTFS

Computer Name: HERATIX | User Name: yourfragged | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2015.09.17 11:00:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\yourfragged\Downloads\OTL.exe
PRC - [2015.09.16 10:04:03 | 004,049,400 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.39\deploy\LoLPatcher.exe
PRC - [2015.09.16 10:01:40 | 002,221,048 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.255\deploy\LoLLauncher.exe
PRC - [2015.09.12 02:22:59 | 000,815,944 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2015.09.03 05:39:44 | 003,884,368 | ---- | M] (Crawler Group, LLC) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2015.09.03 05:39:38 | 006,818,128 | ---- | M] (Crawler Group, LLC) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
PRC - [2015.08.13 12:03:00 | 000,132,808 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
PRC - [2015.08.13 12:01:24 | 000,228,104 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
PRC - [2015.08.06 20:58:24 | 000,461,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe
PRC - [2015.08.06 20:58:22 | 000,782,008 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
PRC - [2015.08.06 20:58:22 | 000,461,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe
PRC - [2015.07.09 11:33:44 | 000,345,136 | ---- | M] (Steganos Software GmbH) -- C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
PRC - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013.07.10 16:16:06 | 000,074,752 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\LolClient.exe
PRC - [2013.03.01 14:13:08 | 001,300,816 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe

========== Modules (No Company Name) ==========

MOD - [2015.09.16 10:04:08 | 001,581,048 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.39\deploy\RiotLauncher.dll
MOD - [2015.09.16 10:04:03 | 004,049,400 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.39\deploy\LoLPatcher.exe
MOD - [2015.09.16 10:01:40 | 002,221,048 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.255\deploy\LoLLauncher.exe
MOD - [2015.09.12 02:22:56 | 001,501,512 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll
MOD - [2015.09.12 02:22:55 | 000,081,224 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll
MOD - [2014.07.16 19:30:21 | 002,511,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\71ef258977097f170cc76f001219d6ef\System.Data.Linq.ni.dll
MOD - [2014.07.16 19:30:04 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\eeb06f09c438a67426bdcaca022b0bff\PresentationFramework-SystemXml.ni.dll
MOD - [2014.07.16 19:30:04 | 000,013,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio4b37ff64#\565007984be1eebb2b879358cc1eb1e9\PresentationFramework-SystemXmlLinq.ni.dll
MOD - [2014.07.16 19:30:03 | 000,016,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\9f08058a7f96835fdb8bf62dc138ef4c\PresentationFramework-SystemData.ni.dll
MOD - [2014.07.16 19:29:09 | 002,959,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a00f66c9fa4095f35690cbc7e8a4663e\System.IdentityModel.ni.dll
MOD - [2014.07.16 19:29:04 | 019,537,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\e61c002b87e6a11678c2104f82d1628b\System.ServiceModel.ni.dll
MOD - [2014.07.16 19:28:44 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\36016a2c7e67f81788eebde65e1e7973\System.Xml.Linq.ni.dll
MOD - [2014.07.16 19:28:27 | 000,989,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\0e4530a56b4d401da06fbf7f212dd18a\System.ComponentModel.Composition.ni.dll
MOD - [2014.07.16 19:28:20 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\b1c2960a66470630da6ebb76469ca04e\System.ServiceModel.Internals.ni.dll
MOD - [2014.07.16 19:28:20 | 000,121,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\292289421ae443d791368181824a1ca8\SMDiagnostics.ni.dll
MOD - [2014.07.16 19:28:19 | 002,786,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\b78d2d1864738205744e16af046d79f7\System.Runtime.Serialization.ni.dll
MOD - [2014.07.16 19:27:38 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\21bb5269fe91814a3f00cfa7914d47f9\System.Numerics.ni.dll
MOD - [2014.07.16 19:20:08 | 007,566,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\63b566ebd7592ab4aac14614b05b32e0\System.Xml.ni.dll
MOD - [2014.07.16 19:20:03 | 012,698,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\cd1bbf37c5adc7bb67eabaae20649e54\System.Windows.Forms.ni.dll
MOD - [2014.07.16 19:20:02 | 001,880,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d1797a38e945a46f85cdaf2080afb5c6\System.Xaml.ni.dll
MOD - [2014.07.16 19:20:00 | 018,545,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\37731438b71b6798d934dad47ef56596\PresentationFramework.ni.dll
MOD - [2014.07.16 19:19:52 | 000,220,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\520e9928166d0989d25bc8320f458c07\System.ServiceProcess.ni.dll
MOD - [2014.07.16 19:19:50 | 001,631,744 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a095ded1f7d3feaee17336cd7e39e2f8\System.Drawing.ni.dll
MOD - [2014.07.16 19:19:47 | 007,249,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\cef48e3cde3815f277c1e330e4426be1\System.Data.ni.dll
MOD - [2014.07.16 19:19:45 | 010,926,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\1a9328ba3d852ca94185f435a05affe2\PresentationCore.ni.dll
MOD - [2014.07.16 19:19:42 | 000,964,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\b421d19f01911e8f74876ded9d5a85c0\System.Configuration.ni.dll
MOD - [2014.07.16 19:19:41 | 000,462,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\02e42498507af2efd496e1f1f17cee63\PresentationFramework.Aero.ni.dll
MOD - [2014.07.16 19:19:38 | 006,998,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e29c126f91fa5e968c7792adaf3c62ff\System.Core.ni.dll
MOD - [2014.07.16 19:19:35 | 003,910,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\3a685d1b549ea40565f41bc3d054cd06\WindowsBase.ni.dll
MOD - [2014.07.16 19:19:32 | 009,937,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fd8c46f1f500496403ec7538ab3077b6\System.ni.dll
MOD - [2014.07.16 19:19:25 | 016,546,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\e56a581b7e96d7cde5a258d43041c942\mscorlib.ni.dll
MOD - [2013.07.10 16:16:06 | 000,074,752 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\LolClient.exe
MOD - [2013.07.10 16:15:58 | 004,774,248 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
MOD - [2013.03.01 14:13:08 | 001,300,816 | ---- | M] () -- C:\Game\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
MOD - [2012.01.16 21:06:32 | 000,577,621 | ---- | M] () -- C:\Program Files (x86)\Spyware Terminator\sqlite3.dll

========== Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013.11.19 22:38:07 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.09.03 05:40:04 | 003,037,520 | ---- | M] (Crawler Group) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2015.08.13 12:01:24 | 000,228,104 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe -- (Avira.ServiceHost)
SRV - [2015.08.06 20:58:24 | 000,461,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\sched.exe -- (AntiVirSchedulerService)
SRV - [2015.08.06 20:58:22 | 001,213,072 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe -- (AntiVirWebService)
SRV - [2015.08.06 20:58:22 | 000,887,128 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe -- (AntiVirMailService)
SRV - [2015.08.06 20:58:22 | 000,461,672 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe -- (AntiVirService)
SRV - [2015.07.09 11:33:44 | 000,345,136 | ---- | M] (Steganos Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe -- (Online Shield Starter Service)
SRV - [2015.02.04 02:00:09 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014.02.08 02:02:50 | 000,569,024 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.08.06 20:58:22 | 000,162,528 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2015.08.06 20:58:22 | 000,141,416 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2015.08.06 20:58:22 | 000,044,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\avnetflt.sys -- (avnetflt)
DRV:64bit: - [2015.08.06 20:58:22 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014.07.17 16:56:26 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2014.07.16 19:12:45 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2014.07.16 19:12:45 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2014.07.15 22:33:01 | 000,310,728 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2014.07.15 22:22:45 | 000,043,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2014.03.31 18:42:44 | 000,040,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013.11.20 01:03:01 | 000,883,928 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2013.11.20 00:59:01 | 000,011,136 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Razerlow.sys -- (Razerlow)
DRV:64bit: - [2013.11.19 22:55:48 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.11.19 22:55:47 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.11.19 22:55:45 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.11.19 22:55:44 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.11.19 21:36:37 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.05.22 19:49:32 | 000,017,720 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
DRV:64bit: - [2013.04.07 23:53:13 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:53 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=1198 ... 304F50CB37
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-search.com/?q={searchT ... 304F50CB37
IE - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()

[2015.09.15 22:35:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\yourfragged\AppData\Roaming\Mozilla\Firefox\Profiles\TiNgoe74.default\extensions
[2015.09.15 23:56:33 | 000,000,000 | ---D | M] (Avira Browser Safety) -- C:\Users\yourfragged\AppData\Roaming\Mozilla\Firefox\Profiles\TiNgoe74.default\extensions\abs@avira.com

========== Chrome ==========

CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcldkjfhobpjbchknnmcemiemdjkjopn\1\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.39.1_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj\1.3_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.6_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.6_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_0\
CHR - Extension: No name found = C:\Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Spyware Terminator 2015 Internet Guard) - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll (Crawler Group, LLC)
O2:64bit: - BHO: (no name) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Spyware Terminator 2015 Internet Guard) - {82A76710-4F98-4957-92BE-99648A4E2475} - C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll (Crawler Group, LLC)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler Group, LLC)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler Group, LLC)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira System Speedup] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Speedup_umh] C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\.DEFAULT..\Run: [SOS Browser Monitor] C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe (Steganos Software GmbH)
O4 - HKU\.DEFAULT..\Run: [SOS_Agent] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe (Steganos Software GmbH)
O4 - HKU\S-1-5-18..\Run: [SOS Browser Monitor] C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe (Steganos Software GmbH)
O4 - HKU\S-1-5-18..\Run: [SOS_Agent] C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe (Steganos Software GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-418075006-3756309836-2948794368-1000..\Run: [DAEMON Tools Lite] C:\Programy\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-418075006-3756309836-2948794368-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-418075006-3756309836-2948794368-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 213.46.172.36 213.46.172.37
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{56331C7B-7427-4EAF-860A-A4BCACDF4221}: DhcpNameServer = 213.46.172.36 213.46.172.37
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (MACHINE BootExecut)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.RTV1 - rtvcvfw64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.RTV1 - C:\Windows\SysWow64\rtvcvfw32.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 7 Days ==========

[2015.09.17 10:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield
[2015.09.17 10:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steganos Online Shield
[2015.09.17 10:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steganos
[2015.09.16 10:40:40 | 000,000,000 | ---D | C] -- C:\FRST
[2015.09.16 10:01:21 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Local\AviraSpeedup
[2015.09.15 23:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
[2015.09.15 22:40:10 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Roaming\Avira
[2015.09.15 22:35:35 | 000,000,000 | ---D | C] -- C:\Users\yourfragged\AppData\Roaming\Mozilla
[2015.09.15 22:30:31 | 000,044,088 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2015.09.15 22:30:31 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2015.09.15 22:30:30 | 000,162,528 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2015.09.15 22:30:30 | 000,141,416 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2015.09.15 22:27:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2015.09.15 22:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 7 Days ==========

[2015.09.17 11:09:26 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.09.17 10:35:06 | 000,000,962 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.09.17 10:18:56 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.09.17 10:18:56 | 000,021,072 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.09.17 10:04:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.09.17 10:04:36 | 1610,059,776 | -HS- | M] () -- C:\hiberfil.sys
[2015.09.16 10:22:56 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
[2015.09.16 09:58:59 | 000,276,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.09.16 00:43:21 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.09.16 00:30:58 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore1d0e58944b5949e.job
[2015.09.15 23:40:19 | 000,000,306 | ---- | M] () -- C:\Windows\tasks\AviraSpeedup.job
[2015.09.15 22:28:01 | 000,001,206 | ---- | M] () -- C:\Users\Public\Desktop\Avira Launcher.lnk
[6 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.09.16 10:22:56 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
[2015.09.15 23:40:19 | 000,000,306 | ---- | C] () -- C:\Windows\tasks\AviraSpeedup.job
[2015.09.15 22:28:01 | 000,001,206 | ---- | C] () -- C:\Users\Public\Desktop\Avira Launcher.lnk
[2014.03.11 16:45:45 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2013.11.20 01:01:56 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2013.11.19 07:20:55 | 000,002,813 | ---- | C] () -- C:\Users\yourfragged\Unigine_Heaven_Benchmark_4.0_20131119_0620.html
[2013.11.19 07:11:22 | 001,065,984 | ---- | C] () -- C:\Users\yourfragged\AppData\Local\file__0.localstorage
[2013.11.18 22:52:30 | 000,037,376 | ---- | C] () -- C:\Windows\SysWow64\uplay_r1_loader.dll
[2013.10.06 03:42:40 | 006,307,840 | ---- | C] () -- C:\Windows\SysWow64\engine_x86_rwdi.dll
[2013.05.27 12:49:18 | 000,045,270 | ---- | C] () -- C:\Users\yourfragged\AppData\Roaming\room_v3.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.07.16 19:24:15 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.07.16 19:24:15 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015.04.29 19:52:26 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\.minecraft
[2013.04.07 23:54:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Babylon
[2013.04.09 22:08:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer
[2013.04.07 23:46:45 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer Pro
[2015.01.25 19:51:17 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\DAEMON Tools Lite
[2014.11.12 19:20:31 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ESET
[2013.09.27 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\fltk.org
[2014.03.14 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Foxit Software
[2013.08.05 19:11:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\GarenaPlus
[2013.11.22 06:12:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Injustice
[2013.12.30 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\IObit
[2015.04.22 03:14:37 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Life Is Strange
[2013.04.07 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\LolClient
[2014.07.17 14:47:58 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ProductData
[2015.03.03 21:55:55 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Solvusoft
[2014.07.17 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
[2014.10.03 22:09:20 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Steam
[2015.03.04 19:42:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TERA
[2013.09.14 09:46:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\The Creative Assembly
[2013.09.30 02:03:29 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Theta
[2013.07.09 21:09:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Thinstall
[2013.07.07 13:01:35 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Tomabo
[2015.03.23 21:47:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TS3Client
[2015.09.16 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\uTorrent

========== Purity Check ==========

========== Custom Scans ==========

< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013.04.07 18:12:09 | 000,000,962 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2013.10.06 03:39:00 | 000,000,282 | ---- | C] () -- C:\Windows\Tasks\RDReminder.job
[2014.09.10 16:29:26 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfcd039fedc346.job
[2014.10.25 18:00:45 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff06cd5d6b965.job
[2014.11.14 17:00:51 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0001bc8605a44.job
[2015.02.06 04:12:37 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041b2607ada82.job
[2015.05.15 20:41:14 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f3eb8924b50.job
[2015.07.16 15:50:33 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfce628073fe.job
[2015.09.02 16:11:31 | 000,000,948 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e58944b5949e.job
[2015.09.15 23:40:19 | 000,000,306 | ---- | C] () -- C:\Windows\Tasks\AviraSpeedup.job
[2015.09.17 10:04:45 | 000,000,360 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

< >

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.21 05:24:27 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.21 05:23:53 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe

< MD5 for: CDROM.SYS >
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.21 05:23:47 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys

< MD5 for: EXPLORER.EXE >
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2014.07.16 19:13:23 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2014.07.16 19:13:23 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2014.07.16 19:13:22 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2014.07.16 19:13:23 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: HAL.DLL >
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.21 05:24:08 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll

< MD5 for: SCECLI.DLL >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\SysNative\services.exe
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2014.07.16 19:25:59 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\SysNative\drivers\tcpip.sys
[2014.07.16 19:25:59 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=04ADD18EE5CC9FBEDAEC1DD1CD0CB45E -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18438_none_113260637d1284ef\tcpip.sys
[2013.11.19 21:47:53 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2013.11.19 22:59:36 | 001,903,552 | ---- | M] (Microsoft Corporation) MD5=40AF23633D197905F03AB5628C558C51 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18254_none_1118bb977d265d27\tcpip.sys
[2014.07.16 19:25:59 | 001,897,408 | ---- | M] (Microsoft Corporation) MD5=4F80944B03112F486212DC20BE166079 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22648_none_11b12f2896383dd1\tcpip.sys
[2010.11.21 05:24:08 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2013.11.19 22:59:36 | 001,896,896 | ---- | M] (Microsoft Corporation) MD5=75F9106B74585D38C8FF6BB5CAD262D7 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22444_none_11ad2a34963bde27\tcpip.sys
[2013.11.19 22:41:29 | 001,900,992 | ---- | M] (Microsoft Corporation) MD5=B27F13153343BC37A27EAE01634D94E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22378_none_1190b9b296509a2f\tcpip.sys
[2013.11.19 21:47:53 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
[2013.11.19 22:41:29 | 001,910,208 | ---- | M] (Microsoft Corporation) MD5=DB74544B75566C974815E79A62433F29 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.18203_none_114dcae97cfeb81b\tcpip.sys

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.07.16 19:22:39 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.07.16 19:22:39 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.07.16 19:22:39 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe

< >

< %systemroot%*.* /U /s >
[4 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[37 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015.04.29 19:52:26 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\.minecraft
[2013.04.07 16:49:36 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Adobe
[2014.07.17 14:47:55 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\AdobeChk
[2013.11.19 21:14:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Apple Computer
[2015.09.15 22:40:10 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Avira
[2013.04.07 23:54:13 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Babylon
[2013.04.09 22:08:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer
[2013.04.07 23:46:45 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\BSplayer Pro
[2015.01.25 19:51:17 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\DAEMON Tools Lite
[2014.11.12 19:20:31 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ESET
[2013.09.27 08:32:33 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\fltk.org
[2014.03.14 18:36:22 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Foxit Software
[2013.08.05 19:11:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\GarenaPlus
[2013.04.07 17:52:36 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Identities
[2013.11.22 06:12:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Injustice
[2013.12.30 19:22:41 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\IObit
[2015.04.22 03:14:37 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Life Is Strange
[2015.02.03 13:06:02 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Logishrd
[2015.02.03 13:06:02 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Logitech
[2013.04.07 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\LolClient
[2013.04.07 16:49:37 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Macromedia
[2013.07.21 05:01:24 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Malwarebytes
[2011.04.12 10:45:27 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Media Center Programs
[2013.07.07 13:24:51 | 000,000,000 | --SD | M] -- C:\Users\yourfragged\AppData\Roaming\Microsoft
[2015.09.15 22:35:35 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Mozilla
[2015.03.03 00:27:12 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\NVIDIA
[2014.07.17 14:47:58 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\ProductData
[2013.09.25 21:12:34 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Skype
[2015.03.03 21:55:55 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Solvusoft
[2014.07.17 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Spyware Terminator
[2014.10.03 22:09:20 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Steam
[2015.03.04 19:42:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TERA
[2013.09.14 09:46:49 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\The Creative Assembly
[2013.09.30 02:03:29 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Theta
[2013.07.09 21:09:46 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Thinstall
[2013.07.07 13:01:35 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\Tomabo
[2015.03.23 21:47:54 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\TS3Client
[2015.09.16 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\uTorrent
[2015.07.31 10:14:14 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\vlc
[2013.04.09 03:49:17 | 000,000,000 | ---D | M] -- C:\Users\yourfragged\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2009.08.11 21:21:26 | 000,087,552 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\ac3config.exe
[2009.08.11 21:21:30 | 000,090,112 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\spdif_test.exe
[2010.03.22 14:52:04 | 000,697,690 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\AC3 Filter\unins000.exe
[2012.10.11 09:01:20 | 001,175,371 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\FFDShow\unins000.exe
[2010.08.14 10:42:54 | 000,113,152 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\dsmux.exe
[2010.08.14 10:45:10 | 000,358,400 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\gdsmux.exe
[2010.08.14 10:42:06 | 000,137,728 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\mkv2vfr.exe
[2010.09.30 15:30:22 | 000,042,305 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\BSplayer\Haali media splitter\uninstall.exe
[2014.07.16 19:05:39 | 000,588,608 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\Install_PintoStartMenutemp.exe
[2014.07.16 19:05:39 | 000,629,568 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\UninstallDisplaytemp.exe
[2014.02.28 14:25:32 | 002,130,720 | ---- | M] (IObit) -- C:\Users\yourfragged\AppData\Roaming\IObit\IObit Uninstaller\UninstallPromotetemp.exe
[2015.04.22 03:02:30 | 001,090,913 | ---- | M] () -- C:\Users\yourfragged\AppData\Roaming\Life Is Strange\Uninstall\unins000.exe
[2015.09.06 11:56:46 | 001,696,096 | ---- | M] (BitTorrent Inc.) -- C:\Users\yourfragged\AppData\Roaming\uTorrent\uTorrent.exe
[2015.06.12 14:51:49 | 001,694,560 | ---- | M] (BitTorrent Inc.) -- C:\Users\yourfragged\AppData\Roaming\uTorrent\updates\3.4.3_40298.exe
[2015.09.06 11:56:46 | 001,696,096 | ---- | M] (BitTorrent Inc.) -- C:\Users\yourfragged\AppData\Roaming\uTorrent\updates\3.4.4_40911.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job >
[2015.09.15 23:40:19 | 000,000,306 | ---- | M] () -- C:\Windows\Tasks\AviraSpeedup.job
[2014.10.25 18:00:45 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfcd039fedc346.job
[2014.11.14 17:00:51 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cff06cd5d6b965.job
[2015.02.06 04:12:37 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0001bc8605a44.job
[2015.05.15 20:41:14 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d041b2607ada82.job
[2015.07.16 15:50:33 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d08f3eb8924b50.job
[2015.09.02 16:11:31 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bfce628073fe.job
[2015.09.16 00:30:58 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e58944b5949e.job
[2015.09.17 11:35:08 | 000,000,962 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015.03.03 22:03:07 | 000,000,282 | ---- | M] () -- C:\Windows\Tasks\RDReminder.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun -- [2013.03.14 10:23:30 | 003,672,640 | ---- | M] (Disc Soft Ltd)
"Steam" = "C:\Program Files (x86)\Steam\steam.exe" -silent -- [2015.08.19 22:39:00 | 002,899,136 | ---- | M] (Valve Corporation)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2014.07.16 19:33:12 | 000,677,024 | ---- | M] (Microsoft Corporation) MD5=268D3578E0A0900E4F612419561DAE09 -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2015.09.12 02:22:59 | 000,815,944 | ---- | M] (Google Inc.) MD5=83946783D86BEB7A898BC6B562F1F189 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2015.09.17 11:09:26 | 000,000,512 | ---- | M] () MD5=D4C4BF1265F182190686399BB2A38D92 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2014.07.23 17:55:47 | 000,000,036 | R--- | M] () -- \Game\The Walking Dead Season 2\The Walking Dead 2\The Walking Dead 2\Pack\SKIDROWCRACK.COM.txt
[2014.07.23 18:01:29 | 000,000,113 | R--- | M] () -- \Game\The Walking Dead Season 2\The Walking Dead 2\The Walking Dead 2\Pack\WWW.SKIDROWCRACK.COM.url
[2015.03.03 01:12:07 | 000,021,985 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Bloodline Champions\Content\Particles\1x1\point_cracks.dds.xnb
[2012.11.16 20:19:55 | 016,372,576 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay_Cracked.exe
[2015.03.13 15:12:24 | 000,003,072 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage
[2015.03.13 15:12:24 | 000,003,608 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.cracked.com_0.localstorage-journal
[2013.12.02 21:53:50 | 000,001,368 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\3DMGAME-Assassins.Creed.IV.Black.Flag.All.Unlock.Crack.v10-3DM.torrent
[2013.11.18 23:09:34 | 000,012,724 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\AC 4 Super Crack v7.rar.torrent
[2013.11.26 09:24:09 | 000,012,117 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\AC.IV.BF.CRACKONLY.RELOADED.torrent
[2013.09.30 02:02:02 | 000,001,271 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's Creed 3 Assassins Creed III - CRACK WITHOUT UPLAY - Works With All Versions - PHTX.torrent
[2013.11.19 03:52:12 | 000,014,091 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's Creed IV Black Flag Gold Edition-SKIDROW- UPDATE + CRACK HOTFIX V6.torrent
[2013.11.18 22:47:34 | 000,013,178 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassin's.Creed.IV.Black.Flag.Update.And.Crack.Fix.V6.rar.torrent
[2014.10.29 23:55:28 | 000,033,541 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassins Creed 2 [Multi9] [PCDVD9][WITH CRACK] [www.soloestreno.com].torrent
[2013.11.19 01:07:34 | 000,013,703 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Assassins Creed IV Crack Fix V4 -TESTED- TTG.torrent
[2013.10.06 03:31:06 | 000,000,733 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Dead Island Riptide Crack Only-RELOADED.rar.torrent
[2013.10.06 03:29:00 | 000,000,905 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Dead Island Riptide Crack Only-RELOADED.torrent
[2013.07.16 20:24:22 | 000,011,763 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Deadpool.PROPER.Crack.Only.English-SKIDROW.zip.torrent
[2015.03.03 21:45:20 | 000,008,821 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Dll-Files Fixer 3.0.81.2643 Final ML Retail + Crack - SceneDL (PimpRG).torrent
[2015.03.03 22:14:58 | 000,011,935 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\ESET NOD32 ANTIVIRUS 7 CRACK (32 64 BIT) THADOGG.torrent
[2013.09.26 13:10:03 | 000,045,915 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\FIFA.14-ULTIMIATE.EDITION-SKIDROWCRACK.torrent
[2013.08.31 02:52:34 | 000,002,943 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Gta Episodes From Liberty City Pc Crack Razor 1911_ZaaDi.torrent
[2013.04.09 06:56:32 | 000,011,736 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Hitman.Absolution.CRACK.ONLY-SKIDROW.torrent
[2013.05.30 15:19:56 | 000,023,131 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.CRACK.ONLY-RELOADED.1.torrent
[2013.05.30 13:38:24 | 000,023,131 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.CRACK.ONLY-RELOADED.torrent
[2013.05.30 14:39:30 | 000,019,354 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Max.Payne.3.Special.Edition.CRACK.ONLY.Fixed-REVOLT.torrent
[2015.03.03 14:38:29 | 000,002,757 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Saw-The Video Game[Crack].rar.torrent
[2013.07.04 00:02:48 | 000,015,684 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\The Walking Dead 400 Days [English][PCDVD][FULL UNLOCKED][CRACK][P2P][WwW.GamesTorrents.CoM].torrent
[2014.07.23 16:02:48 | 000,032,119 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\The Walking Dead Season 2 Episode 4-SKIDROWCRACK.torrent
[2013.04.08 02:14:47 | 000,001,102 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\uTorrent\Tomb.Raider.CRACK.ONLY-SKIDROW.torrent

< *keygen* /s >

< *loader* /s >
[2015.09.05 22:10:38 | 000,000,404 | ---- | M] () -- \Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\assets\htmlTemplates\events\bwRewards\img\loader-squares.gif
[2015.09.05 22:10:38 | 000,050,167 | ---- | M] () -- \Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\assets\htmlTemplates\events\bwRewards\img\loader.gif
[2013.02.21 15:12:44 | 000,000,404 | ---- | M] () -- \Game\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.160\deploy\assets\storeImages\layout\small_loader.gif
[2015.01.16 08:40:56 | 001,176,208 | ---- | M] () -- \NVIDIA\DisplayDriver\341.44\Win8_WinVista_Win7_64\International\GFExperience\ExtensionLoader.dll
[2015.01.16 08:41:08 | 000,888,464 | ---- | M] () -- \NVIDIA\DisplayDriver\341.44\Win8_WinVista_Win7_64\International\NVI2\NVDownloader.dll
[2015.01.16 08:39:56 | 000,028,515 | ---- | M] () -- \NVIDIA\DisplayDriver\341.44\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.CFG
[2015.01.16 08:41:08 | 000,850,576 | ---- | M] () -- \NVIDIA\DisplayDriver\341.44\Win8_WinVista_Win7_64\International\NVI2\NVI2DownloaderExt.DLL
[2013.09.11 20:06:44 | 002,243,392 | ---- | M] () -- \Program Files (x86)\IObit\Smart Defrag 2\ActionCenterDownloader.exe
[2012.11.29 09:57:48 | 000,059,904 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.5\KLoaderWin32.exe
[2011.07.06 11:55:18 | 000,064,352 | ---- | M] () -- \Program Files (x86)\MSI Kombustor 2.5\PhysXLoader.dll
[2013.08.24 18:45:15 | 000,061,952 | ---- | M] () -- \Program Files (x86)\Rayman Legends\uplay_r1_loader.dll
[2014.12.10 03:28:04 | 000,001,701 | ---- | M] () -- \Program Files (x86)\Steam\friends\broadcastuploaderrornotification.res
[2014.11.11 20:48:42 | 000,007,825 | ---- | M] () -- \Program Files (x86)\Steam\remoteui\static\libs\images\ajax-loader.gif
[2015.03.03 01:10:32 | 000,141,312 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Bloodline Champions\Binary\BloodlineChampionsLoader.exe
[2015.03.03 01:10:32 | 000,400,896 | ---- | M] () -- \Program Files (x86)\Steam\steamapps\common\Bloodline Champions\Binary\BloodlineChampionsLoaderUpdater.exe
[2012.11.19 01:06:50 | 000,329,056 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2_loader.dll
[2012.11.19 01:06:52 | 000,293,376 | ---- | M] () -- \Program Files (x86)\Ubisoft\Ubisoft Game Launcher\uplay_r1_loader.dll
[2015.06.08 15:52:46 | 000,009,418 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.39.1_0\img\gifloader.gif
[2015.01.29 10:36:46 | 000,000,763 | ---- | M] () -- \Users\yourfragged\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.6_0\scripts\loader_1036.js
[2015.07.31 00:59:36 | 000,000,404 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\16FVUK0P\loader-squares[1].gif
[2015.07.31 01:02:50 | 000,001,664 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\16FVUK0P\queryLoader[1].js
[2015.09.17 10:13:48 | 000,005,505 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\525RTCD1\queryLoader[1].js
[2015.07.31 01:02:50 | 000,000,353 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DPV10XWC\queryLoader[1].css
[2015.07.31 10:17:22 | 000,000,404 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUVXOKHB\loader-squares[1].gif
[2015.09.17 10:13:48 | 000,000,353 | ---- | M] () -- \Users\yourfragged\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YUVXOKHB\queryLoader[1].css
[2015.04.29 19:47:47 | 000,000,000 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\.minecraft\vycraftujto\ForgeModLoader-client-0.log.lck
[2015.04.29 19:45:09 | 000,000,068 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\.minecraft\vycraftujto\config\TConPreloader.cfg
[2015.04.29 19:59:41 | 000,000,000 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\.minecraft\vycraftujtolite\ForgeModLoader-client-0.log.lck
[2013.03.25 17:21:00 | 000,388,776 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\TERA\launcher\live\downloader.bundle
[2013.03.20 08:02:00 | 000,694,656 | ---- | M] () -- \Users\yourfragged\AppData\Roaming\TERA\launcher\live\downloader.dll
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2013.11.18 22:52:31 | 000,037,376 | ---- | M] () -- \Windows\System32\uplay_r1_loader.dll
[2 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[2013.11.18 22:52:31 | 000,037,376 | ---- | M] () -- \Windows\SysWOW64\uplay_r1_loader.dll
[2 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_695e76beab8ff095\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 23:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_694dd858ab9ba72a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:20:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_69637bfcab8b6996\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:22:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.04.12 10:34:35 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2011.04.12 10:34:35 | 000,033,360 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.efi.mui_35ee487d
[2011.04.12 10:34:35 | 000,034,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winload.exe.mui_3bc5b827
[2011.04.12 10:34:35 | 000,029,776 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.efi.mui_f412814e
[2011.04.12 10:34:35 | 000,030,288 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc_winresume.exe.mui_ff8b5358
[2013.11.19 21:29:49 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.11.19 21:29:49 | 000,642,944 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.efi_75834aa0
[2013.11.19 21:29:49 | 000,605,552 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winload.exe_75835076
[2013.11.19 21:29:49 | 000,566,208 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.efi_85cd069f
[2013.11.19 21:29:49 | 000,518,672 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2011.04.12 10:33:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2010.11.21 05:16:35 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2013.11.19 21:29:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2013.11.19 21:29:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:04:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 22:57:46 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22411_none_0d3fdb3af3327f5f\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.11.19 23:23:09 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22436_none_0d2f3cd4f33e35f4\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:20:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22616_none_0d44e078f32df860\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.07.16 19:22:38 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

#4 Příspěvek od **vyosek** » 21 zář 2015 06:38

Jen se jeste zeptam, pouzivate legalni operacni system, nejvyssi licence (v hodnote nejake tisic) Ultimate zrovna neni bezna domaci verze

VIRY.CZ

Prosím o kontrolu logu

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu