
PC virus removal, computer speed-up, and remote help through the neslape.cz service
PC makes a sound
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, for several days now I have noticed that the PC occasionally plays a sound through the speakers on its own. Today the sound has been there ever since the PC was switched on, roughly every 15 s, and it is quite annoying. I am also attaching a recording of the sound: http://leteckaposta.cz/397179536 I thought it might be due to the temperature of the CPU or the motherboard, but everything is fine in the BIOS. Thank you for your advice and help.
Edit: when I mute Firefox in the volume mixer, the sound stops.
Logfile of random's system information tool 1.16 (written by random/random)
Run by 23102013 at 2017-05-31 16:32:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 8 GB (7%) free of 114 GB
Total RAM: 16312 MB (65% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:09, on 31.5.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\23102013_RSITx64.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Family Tree Builder Update] D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [PDFPrint] "D:\Program Files (x86)\PDF24\pdf24.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115821\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115836\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1735690316-1509034662-2468839372-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115850\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF24 - Geek Software GmbH - D:\Program Files (x86)\PDF24\pdf24.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PS3 Media Server - Tanuki Software, Ltd. - C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12576 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"D:\Program Files (x86)\PDF24\pdf24.exe" -service
"C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.conf" wrapper.console.flush=true wrapper.internal.namedpipe=2037312242
\??\C:\Windows\system32\conhost.exe "493764431998876620-18742289751856041358-10331600221057886195-1624419355-1059564798
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Program Files (x86)\PS3 Media Server\jre64\bin\java.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\UI0Detect.exe
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe"
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AMD\CNext\CNext\amddvr.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 5776
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="5852.0.855651304\122710567" "C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\NPSWF32_25_0_0_171.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5852 "\\.\pipe\gecko-crash-server-pipe.5852" plugin
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "-14431681971835584420-1123444018863817454164979955878043506-6027431772111396892
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GSrn3uGLH0+dg3LH.1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\23102013\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=58.0.3029.110 --initial-client-data=0x18c,0x198,0x19c,0x190,0x1a0,0x7fedcad2968,0x7fedcad2980,0x7fedcad2990
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4024 --on-initialized-event-handle=540 --parent-handle=552 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1360 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6939 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.165.512 --gpu-driver-date=5-17-2017 --service-request-channel-token=BBD36D9FAD08E1BC7644A8F665E2E4CC --mojo-platform-channel-handle=1368 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=06988DC74EB8BADA1CFFE6176A76785C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=06988DC74EB8BADA1CFFE6176A76785C --renderer-client-id=4 --mojo-platform-channel-handle=2052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=7D6D45B2CBF31C9DF1E9C6C60C2FBE82 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=7D6D45B2CBF31C9DF1E9C6C60C2FBE82 --renderer-client-id=5 --mojo-platform-channel-handle=2472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=6B5DC91829CAEEACE0C051B8DF66C541 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=6B5DC91829CAEEACE0C051B8DF66C541 --renderer-client-id=6 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=6BE4A0367671074F2F9B0B246FF981E8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=6BE4A0367671074F2F9B0B246FF981E8 --renderer-client-id=7 --mojo-platform-channel-handle=2440 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=D9F1A1183DDF0FA74AF5F0558C5326F4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=D9F1A1183DDF0FA74AF5F0558C5326F4 --renderer-client-id=10 --mojo-platform-channel-handle=5228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1360 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=A1780911A21908E2368DBB0429A716AA --mojo-platform-channel-handle=5908 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=40C9CD44A9F7193BC2F2ECDBCB302E6B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=40C9CD44A9F7193BC2F2ECDBCB302E6B --renderer-client-id=13 --mojo-platform-channel-handle=6164 /prefetch:1
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\23102013\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
====== Scheduled tasks folder ======
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1735690316-1509034662-2468839372-1000Core - C:\Users\23102013\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1735690316-1509034662-2468839372-1000UA - C:\Users\23102013\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458716838 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\Windows\system32\tasks\{B704FDE4-9B91-4F12-9D7C-7D1001DEC475} - D:\STAZENE PROGRAMY\Adobe flashplayer\install_flash_player.exe
C:\Windows\system32\tasks\{E453BC98-FFC8-40EC-B35F-81177E3F0615} - C:\Windows\system32\pcalua.exe -a "D:\STAZENE PROGRAMY\FreeRapid\FreeRapid-0.9u4\frd.exe" -d "D:\STAZENE PROGRAMY\FreeRapid\FreeRapid-0.9u4"
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\
playflash@xpi
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\addons.json
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
PlayFlash 32bit - extension - playflash@xpi
Classic Theme Restorer - extension - ClassicThemeRestorer@ArisT2Noia4dev
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions.json
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\sp@avast.com.xpi
Classic Theme Restorer - extension - ClassicThemeRestorer@ArisT2Noia4dev - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
PlayFlash 32bit - extension - playflash@xpi - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\features\{59fbbee5-2c12-4c98-be2a-ae81a371fbbc}\shield-recipe-client@mozilla.org.xpi
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.171 - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\NPSWF32_25_0_0_171.dll
=========Google Chrome=========
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension eofcbnmajmjmplflapaojjnihcjkigck 1 Avast SafePrice 12.0.199
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.10.0
Extension gomekmidlodglbbmalcneegieacbdmki 1 Avast Online Security 12.0.214
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-11 895528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-11 773920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-02-15 516928]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-12 7575256]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-01-20 2780112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-09 213824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-04-30 601168]
"uTorrent"=C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe [2014-04-14 398760]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2017-05-17 1384328]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-04-11 9532120]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-17 134616]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-07-26 6381192]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1103424]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-03-06 292848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
"Family Tree Builder Update"=D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2016-08-09 14786736]
"PDFPrint"=D:\Program Files (x86)\PDF24\pdf24.exe [2016-12-20 217736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3acm"=AC3ACM.acm
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-05-31 16:32:09 ----D---- C:\ProgramData\SWCUTemp
2017-05-31 15:41:36 ----A---- C:\Windows\system32\sdnclean64.exe
2017-05-31 15:41:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-05-31 15:40:06 ----A---- C:\Windows\ntbtlog.txt
2017-05-31 15:40:02 ----AC---- C:\TDSSKiller.3.1.0.12_31.05.2017_15.40.02_log.txt
2017-05-30 20:33:36 ----A---- C:\Windows\system32\drivers\HWiNFO64A.SYS
2017-05-30 20:33:22 ----D---- C:\Program Files\HWiNFO64
2017-05-30 14:42:54 ----ASH---- C:\pagefile.sys
2017-05-17 22:23:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2017-05-17 22:23:12 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2017-05-17 22:22:54 ----A---- C:\Windows\system32\GameManager64.dll
2017-05-17 22:22:52 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2017-05-17 22:22:52 ----A---- C:\Windows\system32\dgtrayicon.exe
2017-05-17 22:22:44 ----A---- C:\Windows\system32\atitmm64.dll
2017-05-17 22:22:42 ----A---- C:\Windows\system32\atimuixx.dll
2017-05-17 22:22:40 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2017-05-17 22:22:38 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2017-05-17 22:22:38 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2017-05-17 22:22:38 ----A---- C:\Windows\system32\atiglpxx.dll
2017-05-17 22:22:32 ----A---- C:\Windows\system32\atiesrxx.exe
2017-05-17 22:22:32 ----A---- C:\Windows\system32\atieclxx.exe
2017-05-17 22:22:30 ----A---- C:\Windows\system32\atieah64.exe
2017-05-17 22:22:28 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2017-05-17 22:22:26 ----A---- C:\Windows\system32\atidemgy.dll
2017-05-17 22:22:22 ----A---- C:\Windows\system32\RapidFireServer64.dll
2017-05-17 22:22:22 ----A---- C:\Windows\system32\aticalrt64.dll
2017-05-17 22:22:20 ----A---- C:\Windows\SYSWOW64\RapidFireServer.dll
2017-05-17 22:22:20 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2017-05-17 22:22:18 ----A---- C:\Windows\SYSWOW64\Rapidfire.dll
2017-05-17 22:22:18 ----A---- C:\Windows\system32\Rapidfire64.dll
2017-05-17 22:22:16 ----A---- C:\Windows\system32\mantleaxl64.dll
2017-05-17 22:22:14 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2017-05-17 22:22:14 ----A---- C:\Windows\system32\aticaldd64.dll
2017-05-17 22:22:12 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2017-05-17 22:22:12 ----A---- C:\Windows\system32\mantle64.dll
2017-05-17 22:22:10 ----A---- C:\Windows\system32\ATIODE.exe
2017-05-17 22:22:08 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2017-05-17 22:22:08 ----A---- C:\Windows\system32\ATIODCLI.exe
2017-05-17 22:22:06 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2017-05-17 22:22:06 ----A---- C:\Windows\system32\aticalcl64.dll
2017-05-17 22:22:04 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2017-05-17 22:22:02 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2017-05-17 22:22:00 ----A---- C:\Windows\system32\atiapfxx.exe
2017-05-17 22:21:58 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2017-05-17 22:21:58 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2017-05-17 22:21:56 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2017-05-17 22:21:56 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\atimpc64.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\amdpcom64.dll
2017-05-17 22:21:52 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2017-05-17 22:21:52 ----A---- C:\Windows\system32\amdhcp64.dll
2017-05-17 22:21:48 ----A---- C:\Windows\system32\amdave64.dll
2017-05-17 22:21:46 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2017-05-17 22:21:44 ----A---- C:\Windows\system32\OpenCL.dll
2017-05-17 22:21:44 ----A---- C:\Windows\system32\clinfo.exe
2017-05-17 22:21:44 ----A---- C:\Windows\system32\amdmantle64.dll
2017-05-17 22:21:42 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-05-17 22:21:40 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2017-05-17 22:21:38 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\amdlvr64.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2017-05-17 22:21:36 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2017-05-17 22:21:36 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2017-05-17 22:21:32 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2017-05-17 22:21:32 ----A---- C:\Windows\system32\atisamu64.dll
2017-05-17 22:21:32 ----A---- C:\Windows\system32\amdocl64.dll
2017-05-17 22:21:26 ----A---- C:\Windows\system32\amdocl12cl64.dll
2017-05-17 22:21:22 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2017-05-17 22:21:20 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2017-05-17 22:21:18 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2017-05-17 22:21:16 ----A---- C:\Windows\system32\amfrt64.dll
2017-05-17 22:21:14 ----A---- C:\Windows\SYSWOW64\amfrt32.dll
2017-05-17 22:21:10 ----A---- C:\Windows\system32\amdvlk64.dll
2017-05-17 22:21:06 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2017-05-17 22:21:02 ----A---- C:\Windows\system32\amduve64.dll
2017-05-17 22:21:00 ----A---- C:\Windows\SYSWOW64\amduve32.dll
2017-05-17 22:20:56 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2017-05-17 22:20:56 ----A---- C:\Windows\system32\amdmmcl6.dll
2017-05-17 22:20:54 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2017-05-17 22:20:54 ----A---- C:\Windows\system32\amdmcl64.dll
2017-05-17 22:20:52 ----A---- C:\Windows\SYSWOW64\amdmcl32.dll
2017-05-17 16:20:22 ----A---- C:\Windows\SYSWOW64\amdihk32.dll
2017-05-17 16:20:22 ----A---- C:\Windows\system32\amdihk64.dll
2017-05-17 15:37:22 ----A---- C:\Windows\system32\amdacpusl.dll
2017-05-17 15:37:18 ----A---- C:\Windows\SYSWOW64\amdacpusl.dll
2017-05-11 13:31:05 ----D---- C:\Users\23102013\AppData\Roaming\Mozilla
2017-05-11 13:30:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 13:30:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-05-11 13:16:42 ----D---- C:\Program Files (x86)\Windows Resource Kits
2017-05-10 22:29:23 ----DC---- C:\AdwCleaner
2017-05-10 15:41:57 ----D---- C:\Windows\SYSWOW64\Adobe
2017-05-10 12:49:45 ----A---- C:\Windows\system32\mshtml.dll
2017-05-10 12:49:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-05-10 12:49:44 ----A---- C:\Windows\system32\ieframe.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\wininet.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\win32k.sys
2017-05-10 12:49:43 ----A---- C:\Windows\system32\urlmon.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\ole32.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\jscript9.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\iertutil.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\pla.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\oleaut32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-05-10 12:49:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\srv.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\afd.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\crypt32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\advapi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\webcheck.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\vbscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\rpcss.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\rpcrt4.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\plasrv.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\pdh.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\oleres.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\ntdll.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\mshtmled.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\msfeeds.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\lsasrv.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\jscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\iedkcs32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\ie4uinit.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\gdi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\dxtrans.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\netio.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\comcat.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\certcli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wow64win.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wow64.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wintrust.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\winsrv.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wdigest.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\TSpkg.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\sspicli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\srcore.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\smss.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\schannel.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\rpchttp.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\occache.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ncrypt.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\msv1_0.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\msrating.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\KernelBase.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\kernel32.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\kerberos.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\jsproxy.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\jscript9diag.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\inseng.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieUnatt.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieui.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\iesetup.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieapfltr.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\dxtmsft.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\csrsrv.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cryptsvc.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cryptnet.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\conhost.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cdosys.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\bcrypt.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\user.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\wow64cpu.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\tzres.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\sspisrv.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\srclient.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\secur32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\rstrui.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\ntvdm64.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\msaudite.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\lsass.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\iernonce.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\drivers\appid.sys
2017-05-10 12:49:39 ----A---- C:\Windows\system32\cryptbase.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\credssp.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\cdd.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\auditpol.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidsvc.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidapi.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\apisetschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\adtschema.dll
2017-05-10 12:49:38 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-05-10 12:49:38 ----A---- C:\Windows\system32\msobjs.dll
2017-05-10 12:49:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-05-09 20:32:28 ----A---- C:\Windows\system32\aswBoot.exe
====== List of files/folders modified in the last 1 month ======
2017-05-31 16:32:11 ----D---- C:\Users\23102013\AppData\Roaming\uTorrent
2017-05-31 16:32:09 ----HD---- C:\ProgramData
2017-05-31 16:32:07 ----D---- C:\Program Files\trend micro
2017-05-31 16:30:10 ----DC---- C:\Windows\Temp
2017-05-31 16:30:00 ----D---- C:\Users\23102013\AppData\Roaming\Audacity
2017-05-31 16:25:55 ----D---- C:\Windows\System32
2017-05-31 16:25:55 ----D---- C:\Windows\inf
2017-05-31 16:25:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-31 16:23:23 ----D---- C:\Windows\system32\config
2017-05-31 16:23:15 ----D---- C:\Windows\SoftwareDistribution
2017-05-31 16:22:17 ----AD---- C:\Windows
2017-05-31 16:20:12 ----AD---- C:\Windows\system32\drivers
2017-05-31 16:19:59 ----D---- C:\ProgramData\PMS
2017-05-31 15:42:36 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-31 15:41:41 ----D---- C:\Windows\Tasks
2017-05-31 15:41:39 ----SD---- C:\ProgramData\Microsoft
2017-05-31 15:36:03 ----D---- C:\Users\23102013\AppData\Roaming\MPC-HC
2017-05-31 15:36:02 ----D---- C:\Windows\debug
2017-05-31 15:34:40 ----D---- C:\Program Files (x86)\SpeedFan
2017-05-30 20:39:34 ----D---- C:\Program Files
2017-05-30 17:37:33 ----D---- C:\Windows\Prefetch
2017-05-29 22:13:04 ----D---- C:\Windows\system32\catroot
2017-05-29 20:52:23 ----SHDC---- C:\Config.Msi
2017-05-29 20:52:23 ----SHD---- C:\Windows\Installer
2017-05-29 20:52:14 ----D---- C:\Windows\SysWOW64
2017-05-29 20:50:32 ----D---- C:\Windows\system32\Tasks
2017-05-29 20:45:33 ----D---- C:\Windows\system32\DriverStore
2017-05-29 20:45:29 ----SHD---- C:\System Volume Information
2017-05-29 20:25:24 ----DC---- C:\AMD
2017-05-23 20:03:33 ----D---- C:\Windows\system32\MRT
2017-05-23 20:00:31 ----AC---- C:\Windows\system32\MRT.exe
2017-05-18 21:49:28 ----SD---- C:\Users\23102013\AppData\Roaming\Microsoft
2017-05-17 22:23:22 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2017-05-17 22:23:22 ----A---- C:\Windows\system32\atiuxp64.dll
2017-05-17 22:23:14 ----A---- C:\Windows\system32\atiumd64.dll
2017-05-17 22:23:12 ----A---- C:\Windows\system32\atiu9p64.dll
2017-05-17 22:22:50 ----A---- C:\Windows\system32\detoured.dll
2017-05-17 22:22:48 ----A---- C:\Windows\SYSWOW64\detoured.dll
2017-05-17 22:22:42 ----A---- C:\Windows\system32\atidxx64.dll
2017-05-17 22:22:36 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2017-05-17 22:22:36 ----A---- C:\Windows\system32\atig6txx.dll
2017-05-17 22:22:34 ----A---- C:\Windows\system32\atig6pxx.dll
2017-05-17 22:22:34 ----A---- C:\Windows\system32\aticfx64.dll
2017-05-17 22:22:32 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2017-05-17 22:21:58 ----A---- C:\Windows\system32\atiumd6a.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\atiadlxx.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\coinst_17.10.dll
2017-05-17 22:20:42 ----A---- C:\Windows\system32\atio6axx.dll
2017-05-14 16:10:11 ----D---- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
2017-05-14 15:56:02 ----D---- C:\Program Files\CCleaner
2017-05-11 13:30:59 ----RD---- C:\Program Files (x86)
2017-05-11 13:23:36 ----D---- C:\Windows\system32\Macromed
2017-05-10 22:24:01 ----D---- C:\Windows\winsxs
2017-05-10 22:23:56 ----D---- C:\Windows\system32\catroot2
2017-05-10 20:38:13 ----D---- C:\Windows\rescache
2017-05-10 20:10:17 ----D---- C:\Windows\Microsoft.NET
2017-05-10 20:00:02 ----RSD---- C:\Windows\assembly
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\migration
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\en-US
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-05-10 15:05:40 ----D---- C:\Windows\system32\migration
2017-05-10 15:05:40 ----D---- C:\Windows\system32\en-US
2017-05-10 15:05:40 ----D---- C:\Windows\system32\cs-CZ
2017-05-10 15:05:40 ----D---- C:\Windows\PolicyDefinitions
2017-05-10 15:05:40 ----D---- C:\Program Files\Internet Explorer
2017-05-10 15:05:24 ----D---- C:\Windows\system32\Boot
2017-05-10 15:05:24 ----D---- C:\Windows\AppPatch
2017-05-10 15:05:24 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-10 13:48:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-05-10 13:28:02 ----D---- C:\ProgramData\Microsoft Help
2017-05-09 19:25:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-05-09 19:25:12 ----D---- C:\Windows\SYSWOW64\Macromed
2017-05-01 12:53:30 ----D---- C:\ProgramData\Package Cache
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-09 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-09 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-09 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-09 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-09 339696]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-11-08 108832]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-03-06 20464]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-05-31 251832]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-11-08 233760]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-08-10 386680]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-11-08 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-11-08 183224]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-11-08 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-11-08 117024]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-09 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-09 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-09 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-09 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-09 569192]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-08-10 283064]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-04-12 77440]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2017-05-30 27552]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-24 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2017-05-17 305544]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-09 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-12 158880]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-04-11 186304]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-11-08 367200]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-05-17 36551048]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-05-17 520584]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-12-20 96256]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-01 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-01 21920]
R3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2013-08-01 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-13 3962840]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-08-01 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-03-06 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-03-06 791024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-05-31 111544]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-05-31 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-05-31 82720]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-17 99288]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-02-05 82048]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-09 38296]
S3 BCMH43XX;Ovladač síťového USB adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [2015-03-09 1255672]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-08-10 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-08-10 30424]
S3 MSICDSetup;MSICDSetup; \??\I:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\I:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Pcouffin64;Low level access layer for CD devices; C:\Windows\System32\Drivers\pcouffin64a.sys [2013-11-30 55136]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-11-08 1462560]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-02-15 1143720]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-11-08 3783672]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2011-11-25 1517976]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-05-17 543112]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2017-05-17 121856]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-09 263304]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-08-01 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
R2 PDF24;PDF24; D:\Program Files (x86)\PDF24\pdf24.exe [2016-12-20 217736]
R2 PS3 Media Server;PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2012-11-27 384280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-03-20 7084672]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-09 7346208]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06 153752]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-02-01 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09 271864]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-04-16 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-27 173512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S4 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
-----------------EOF-----------------
edit:/ when I mute the sound for Firefox in the volume mixer, the sound stops.
Logfile of random's system information tool 1.16 (written by random/random)
Run by 23102013 at 2017-05-31 16:32:03
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 8 GB (7%) free of 114 GB
Total RAM: 16312 MB (65% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:09, on 31.5.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal
Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\23102013_RSITx64.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [Family Tree Builder Update] D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Run: [PDFPrint] "D:\Program Files (x86)\PDF24\pdf24.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [AMDDVR] "C:\Program Files\AMD\CNext\CNext\amddvr.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115821\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115836\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1735690316-1509034662-2468839372-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05312017162115850\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF24 - Geek Software GmbH - D:\Program Files (x86)\PDF24\pdf24.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PS3 Media Server - Tanuki Software, Ltd. - C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12576 bytes
====== Enumerating Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe"
"D:\Program Files (x86)\PDF24\pdf24.exe" -service
"C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.conf" wrapper.console.flush=true wrapper.internal.namedpipe=2037312242
\??\C:\Windows\system32\conhost.exe "493764431998876620-18742289751856041358-10331600221057886195-1624419355-1059564798
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"
C:\Program Files (x86)\PS3 Media Server\jre64\bin\java.exe
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe"
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\Windows\system32\UI0Detect.exe
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\Program Files\AVAST Software\Avast\AvastUI.exe
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe"
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AMD\CNext\CNext\amddvr.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Program Files\CCleaner\CCleaner64.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe"
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 5776
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="5852.0.855651304\122710567" "C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\NPSWF32_25_0_0_171.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 5852 "\\.\pipe\gecko-crash-server-pipe.5852" plugin
C:\Windows\system32\CompatTelRunner.exe
\??\C:\Windows\system32\conhost.exe "-14431681971835584420-1123444018863817454164979955878043506-6027431772111396892
C:\Windows\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GSrn3uGLH0+dg3LH.1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\23102013\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=58.0.3029.110 --initial-client-data=0x18c,0x198,0x19c,0x190,0x1a0,0x7fedcad2968,0x7fedcad2980,0x7fedcad2990
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4024 --on-initialized-event-handle=540 --parent-handle=552 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1360 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6939 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.165.512 --gpu-driver-date=5-17-2017 --service-request-channel-token=BBD36D9FAD08E1BC7644A8F665E2E4CC --mojo-platform-channel-handle=1368 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=06988DC74EB8BADA1CFFE6176A76785C --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=06988DC74EB8BADA1CFFE6176A76785C --renderer-client-id=4 --mojo-platform-channel-handle=2052 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=7D6D45B2CBF31C9DF1E9C6C60C2FBE82 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=7D6D45B2CBF31C9DF1E9C6C60C2FBE82 --renderer-client-id=5 --mojo-platform-channel-handle=2472 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=6B5DC91829CAEEACE0C051B8DF66C541 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=6B5DC91829CAEEACE0C051B8DF66C541 --renderer-client-id=6 --mojo-platform-channel-handle=2464 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=6BE4A0367671074F2F9B0B246FF981E8 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=6BE4A0367671074F2F9B0B246FF981E8 --renderer-client-id=7 --mojo-platform-channel-handle=2440 /prefetch:1
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=D9F1A1183DDF0FA74AF5F0558C5326F4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=D9F1A1183DDF0FA74AF5F0558C5326F4 --renderer-client-id=10 --mojo-platform-channel-handle=5228 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --field-trial-handle=1360 --ppapi-flash-args --lang=cs --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --service-request-channel-token=A1780911A21908E2368DBB0429A716AA --mojo-platform-channel-handle=5908 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1360 --primordial-pipe-token=40C9CD44A9F7193BC2F2ECDBCB302E6B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=false --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553 --service-request-channel-token=40C9CD44A9F7193BC2F2ECDBCB302E6B --renderer-client-id=13 --mojo-platform-channel-handle=6164 /prefetch:1
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548
"C:\Users\23102013\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\Reader_sl.exe"
====== Scheduled tasks folder ======
C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe /immunize /silent /autoclose
C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe /scan /cleanclose
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1735690316-1509034662-2468839372-1000Core - C:\Users\23102013\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1735690316-1509034662-2468839372-1000UA - C:\Users\23102013\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\SafeZone scheduled Autoupdate 1458716838 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\StartCN - "C:\Program Files\AMD\CNext\CNext\cncmd.exe" startwithdelay
C:\Windows\system32\tasks\{B704FDE4-9B91-4F12-9D7C-7D1001DEC475} - D:\STAZENE PROGRAMY\Adobe flashplayer\install_flash_player.exe
C:\Windows\system32\tasks\{E453BC98-FFC8-40EC-B35F-81177E3F0615} - C:\Windows\system32\pcalua.exe -a "D:\STAZENE PROGRAMY\FreeRapid\FreeRapid-0.9u4\frd.exe" -d "D:\STAZENE PROGRAMY\FreeRapid\FreeRapid-0.9u4"
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.131.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\
playflash@xpi
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\addons.json
FlashGot Mass Downloader - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
PlayFlash 32bit - extension - playflash@xpi
Classic Theme Restorer - extension - ClassicThemeRestorer@ArisT2Noia4dev
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions.json
FlashGot - extension - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
Avast Online Security - webextension - wrc@avast.com - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\wrc@avast.com.xpi
Avast SafePrice - webextension - sp@avast.com - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\sp@avast.com.xpi
Classic Theme Restorer - extension - ClassicThemeRestorer@ArisT2Noia4dev - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
PlayFlash 32bit - extension - playflash@xpi - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi
Application Update Service Helper - extension - aushelper@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Shield Recipe Client - extension - shield-recipe-client@mozilla.org - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\features\{59fbbee5-2c12-4c98-be2a-ae81a371fbbc}\shield-recipe-client@mozilla.org.xpi
C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\pluginreg.dat
Plugin - Shockwave Flash - 25.0.0.171 - C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\NPSWF32_25_0_0_171.dll
=========Google Chrome=========
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 1 Adobe Acrobat 15.1.0.6
Extension eofcbnmajmjmplflapaojjnihcjkigck 1 Avast SafePrice 12.0.199
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.10.0
Extension gomekmidlodglbbmalcneegieacbdmki 1 Avast Online Security 12.0.214
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Homepage: http://www.seznam.cz/
default_search_provider.search_url:
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck]
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki]
"Path"=
======Registry dump ======
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-04-11 895528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22 473152]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-04-11 773920]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22 186944]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-02-15 516928]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-05-12 7575256]
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2017-01-20 2780112]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-05-09 213824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"Google Update"=C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [2017-04-30 601168]
"uTorrent"=C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe [2014-04-14 398760]
"AMDDVR"=C:\Program Files\AMD\CNext\CNext\amddvr.exe [2017-05-17 1384328]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-04-11 9532120]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-17 134616]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-07-26 6381192]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-01-10 1103424]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-03-06 292848]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2012-08-24 336992]
"Family Tree Builder Update"=D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2016-08-09 14786736]
"PDFPrint"=D:\Program Files (x86)\PDF24\pdf24.exe [2016-12-20 217736]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15 587288]
"SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders" = credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMSwissArmy]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath" = "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.ac3acm"=AC3ACM.acm
"vidc.XVID"=xvidvfw.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=ff_vfw.dll
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
====== File associations ======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
====== List of files/folders created in the last 1 month ======
2017-05-31 16:32:09 ----D---- C:\ProgramData\SWCUTemp
2017-05-31 15:41:36 ----A---- C:\Windows\system32\sdnclean64.exe
2017-05-31 15:41:34 ----D---- C:\ProgramData\Spybot - Search & Destroy
2017-05-31 15:40:06 ----A---- C:\Windows\ntbtlog.txt
2017-05-31 15:40:02 ----AC---- C:\TDSSKiller.3.1.0.12_31.05.2017_15.40.02_log.txt
2017-05-30 20:33:36 ----A---- C:\Windows\system32\drivers\HWiNFO64A.SYS
2017-05-30 20:33:22 ----D---- C:\Program Files\HWiNFO64
2017-05-30 14:42:54 ----ASH---- C:\pagefile.sys
2017-05-17 22:23:18 ----A---- C:\Windows\SYSWOW64\atiumdag.dll
2017-05-17 22:23:12 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll
2017-05-17 22:22:54 ----A---- C:\Windows\system32\GameManager64.dll
2017-05-17 22:22:52 ----A---- C:\Windows\SYSWOW64\GameManager32.dll
2017-05-17 22:22:52 ----A---- C:\Windows\system32\dgtrayicon.exe
2017-05-17 22:22:44 ----A---- C:\Windows\system32\atitmm64.dll
2017-05-17 22:22:42 ----A---- C:\Windows\system32\atimuixx.dll
2017-05-17 22:22:40 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2017-05-17 22:22:38 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll
2017-05-17 22:22:38 ----A---- C:\Windows\SYSWOW64\atigktxx.dll
2017-05-17 22:22:38 ----A---- C:\Windows\system32\atiglpxx.dll
2017-05-17 22:22:32 ----A---- C:\Windows\system32\atiesrxx.exe
2017-05-17 22:22:32 ----A---- C:\Windows\system32\atieclxx.exe
2017-05-17 22:22:30 ----A---- C:\Windows\system32\atieah64.exe
2017-05-17 22:22:28 ----A---- C:\Windows\SYSWOW64\atieah32.exe
2017-05-17 22:22:26 ----A---- C:\Windows\system32\atidemgy.dll
2017-05-17 22:22:22 ----A---- C:\Windows\system32\RapidFireServer64.dll
2017-05-17 22:22:22 ----A---- C:\Windows\system32\aticalrt64.dll
2017-05-17 22:22:20 ----A---- C:\Windows\SYSWOW64\RapidFireServer.dll
2017-05-17 22:22:20 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2017-05-17 22:22:18 ----A---- C:\Windows\SYSWOW64\Rapidfire.dll
2017-05-17 22:22:18 ----A---- C:\Windows\system32\Rapidfire64.dll
2017-05-17 22:22:16 ----A---- C:\Windows\system32\mantleaxl64.dll
2017-05-17 22:22:14 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll
2017-05-17 22:22:14 ----A---- C:\Windows\system32\aticaldd64.dll
2017-05-17 22:22:12 ----A---- C:\Windows\SYSWOW64\mantle32.dll
2017-05-17 22:22:12 ----A---- C:\Windows\system32\mantle64.dll
2017-05-17 22:22:10 ----A---- C:\Windows\system32\ATIODE.exe
2017-05-17 22:22:08 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2017-05-17 22:22:08 ----A---- C:\Windows\system32\ATIODCLI.exe
2017-05-17 22:22:06 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2017-05-17 22:22:06 ----A---- C:\Windows\system32\aticalcl64.dll
2017-05-17 22:22:04 ----A---- C:\Windows\SYSWOW64\atiumdva.dll
2017-05-17 22:22:02 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2017-05-17 22:22:00 ----A---- C:\Windows\system32\atiapfxx.exe
2017-05-17 22:21:58 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2017-05-17 22:21:58 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll
2017-05-17 22:21:56 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2017-05-17 22:21:56 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\atimpc64.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\amdpcom64.dll
2017-05-17 22:21:52 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll
2017-05-17 22:21:52 ----A---- C:\Windows\system32\amdhcp64.dll
2017-05-17 22:21:48 ----A---- C:\Windows\system32\amdave64.dll
2017-05-17 22:21:46 ----A---- C:\Windows\SYSWOW64\amdave32.dll
2017-05-17 22:21:44 ----A---- C:\Windows\system32\OpenCL.dll
2017-05-17 22:21:44 ----A---- C:\Windows\system32\clinfo.exe
2017-05-17 22:21:44 ----A---- C:\Windows\system32\amdmantle64.dll
2017-05-17 22:21:42 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2017-05-17 22:21:40 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll
2017-05-17 22:21:38 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\amdlvr64.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\amdgfxinfo64.dll
2017-05-17 22:21:36 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll
2017-05-17 22:21:36 ----A---- C:\Windows\system32\drivers\amdacpksd.sys
2017-05-17 22:21:32 ----A---- C:\Windows\SYSWOW64\atisamu32.dll
2017-05-17 22:21:32 ----A---- C:\Windows\system32\atisamu64.dll
2017-05-17 22:21:32 ----A---- C:\Windows\system32\amdocl64.dll
2017-05-17 22:21:26 ----A---- C:\Windows\system32\amdocl12cl64.dll
2017-05-17 22:21:22 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll
2017-05-17 22:21:20 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2017-05-17 22:21:18 ----A---- C:\Windows\SYSWOW64\amdocl.dll
2017-05-17 22:21:16 ----A---- C:\Windows\system32\amfrt64.dll
2017-05-17 22:21:14 ----A---- C:\Windows\SYSWOW64\amfrt32.dll
2017-05-17 22:21:10 ----A---- C:\Windows\system32\amdvlk64.dll
2017-05-17 22:21:06 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll
2017-05-17 22:21:02 ----A---- C:\Windows\system32\amduve64.dll
2017-05-17 22:21:00 ----A---- C:\Windows\SYSWOW64\amduve32.dll
2017-05-17 22:20:56 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2017-05-17 22:20:56 ----A---- C:\Windows\system32\amdmmcl6.dll
2017-05-17 22:20:54 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll
2017-05-17 22:20:54 ----A---- C:\Windows\system32\amdmcl64.dll
2017-05-17 22:20:52 ----A---- C:\Windows\SYSWOW64\amdmcl32.dll
2017-05-17 16:20:22 ----A---- C:\Windows\SYSWOW64\amdihk32.dll
2017-05-17 16:20:22 ----A---- C:\Windows\system32\amdihk64.dll
2017-05-17 15:37:22 ----A---- C:\Windows\system32\amdacpusl.dll
2017-05-17 15:37:18 ----A---- C:\Windows\SYSWOW64\amdacpusl.dll
2017-05-11 13:31:05 ----D---- C:\Users\23102013\AppData\Roaming\Mozilla
2017-05-11 13:30:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-11 13:30:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-05-11 13:16:42 ----D---- C:\Program Files (x86)\Windows Resource Kits
2017-05-10 22:29:23 ----DC---- C:\AdwCleaner
2017-05-10 15:41:57 ----D---- C:\Windows\SYSWOW64\Adobe
2017-05-10 12:49:45 ----A---- C:\Windows\system32\mshtml.dll
2017-05-10 12:49:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-05-10 12:49:44 ----A---- C:\Windows\system32\ieframe.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-05-10 12:49:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\wininet.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\win32k.sys
2017-05-10 12:49:43 ----A---- C:\Windows\system32\urlmon.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\ole32.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\jscript9.dll
2017-05-10 12:49:43 ----A---- C:\Windows\system32\iertutil.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\pla.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ole32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\pla.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\oleaut32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-05-10 12:49:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\tcpip.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\srv.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\fastfat.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\exfat.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\drivers\afd.sys
2017-05-10 12:49:42 ----A---- C:\Windows\system32\crypt32.dll
2017-05-10 12:49:42 ----A---- C:\Windows\system32\advapi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\pdh.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\oleres.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\comcat.dll
2017-05-10 12:49:41 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\webcheck.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\vbscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\rpcss.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\rpcrt4.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\plasrv.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\pdh.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\oleres.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\ntdll.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\mshtmled.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\msfeeds.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\lsasrv.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\jscript.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\iedkcs32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\ie4uinit.exe
2017-05-10 12:49:41 ----A---- C:\Windows\system32\gdi32.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\dxtrans.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\netio.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2017-05-10 12:49:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2017-05-10 12:49:41 ----A---- C:\Windows\system32\comcat.dll
2017-05-10 12:49:41 ----A---- C:\Windows\system32\certcli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-05-10 12:49:40 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wow64win.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wow64.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wintrust.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\winsrv.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\wdigest.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\TSpkg.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\sspicli.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\srcore.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\smss.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\schannel.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\rpchttp.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\occache.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ncrypt.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\msv1_0.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\msrating.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\KernelBase.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\kernel32.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\kerberos.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\jsproxy.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\jscript9diag.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\inseng.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieUnatt.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieui.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\iesetup.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\ieapfltr.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\dxtmsft.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-05-10 12:49:40 ----A---- C:\Windows\system32\csrsrv.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cryptsvc.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cryptnet.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\conhost.exe
2017-05-10 12:49:40 ----A---- C:\Windows\system32\cdosys.dll
2017-05-10 12:49:40 ----A---- C:\Windows\system32\bcrypt.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 12:49:39 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\user.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\tzres.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\wow64cpu.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\tzres.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\sspisrv.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\srclient.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\secur32.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\rstrui.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\ntvdm64.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\msaudite.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\lsass.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\iernonce.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\drivers\appid.sys
2017-05-10 12:49:39 ----A---- C:\Windows\system32\cryptbase.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\credssp.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\cdd.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\auditpol.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidsvc.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-05-10 12:49:39 ----A---- C:\Windows\system32\appidapi.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\apisetschema.dll
2017-05-10 12:49:39 ----A---- C:\Windows\system32\adtschema.dll
2017-05-10 12:49:38 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-05-10 12:49:38 ----A---- C:\Windows\system32\msobjs.dll
2017-05-10 12:49:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-05-09 20:32:28 ----A---- C:\Windows\system32\aswBoot.exe
====== List of files/folders modified in the last 1 month ======
2017-05-31 16:32:11 ----D---- C:\Users\23102013\AppData\Roaming\uTorrent
2017-05-31 16:32:09 ----HD---- C:\ProgramData
2017-05-31 16:32:07 ----D---- C:\Program Files\trend micro
2017-05-31 16:30:10 ----DC---- C:\Windows\Temp
2017-05-31 16:30:00 ----D---- C:\Users\23102013\AppData\Roaming\Audacity
2017-05-31 16:25:55 ----D---- C:\Windows\System32
2017-05-31 16:25:55 ----D---- C:\Windows\inf
2017-05-31 16:25:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-05-31 16:23:23 ----D---- C:\Windows\system32\config
2017-05-31 16:23:15 ----D---- C:\Windows\SoftwareDistribution
2017-05-31 16:22:17 ----AD---- C:\Windows
2017-05-31 16:20:12 ----AD---- C:\Windows\system32\drivers
2017-05-31 16:19:59 ----D---- C:\ProgramData\PMS
2017-05-31 15:42:36 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-31 15:41:41 ----D---- C:\Windows\Tasks
2017-05-31 15:41:39 ----SD---- C:\ProgramData\Microsoft
2017-05-31 15:36:03 ----D---- C:\Users\23102013\AppData\Roaming\MPC-HC
2017-05-31 15:36:02 ----D---- C:\Windows\debug
2017-05-31 15:34:40 ----D---- C:\Program Files (x86)\SpeedFan
2017-05-30 20:39:34 ----D---- C:\Program Files
2017-05-30 17:37:33 ----D---- C:\Windows\Prefetch
2017-05-29 22:13:04 ----D---- C:\Windows\system32\catroot
2017-05-29 20:52:23 ----SHDC---- C:\Config.Msi
2017-05-29 20:52:23 ----SHD---- C:\Windows\Installer
2017-05-29 20:52:14 ----D---- C:\Windows\SysWOW64
2017-05-29 20:50:32 ----D---- C:\Windows\system32\Tasks
2017-05-29 20:45:33 ----D---- C:\Windows\system32\DriverStore
2017-05-29 20:45:29 ----SHD---- C:\System Volume Information
2017-05-29 20:25:24 ----DC---- C:\AMD
2017-05-23 20:03:33 ----D---- C:\Windows\system32\MRT
2017-05-23 20:00:31 ----AC---- C:\Windows\system32\MRT.exe
2017-05-18 21:49:28 ----SD---- C:\Users\23102013\AppData\Roaming\Microsoft
2017-05-17 22:23:22 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll
2017-05-17 22:23:22 ----A---- C:\Windows\system32\atiuxp64.dll
2017-05-17 22:23:14 ----A---- C:\Windows\system32\atiumd64.dll
2017-05-17 22:23:12 ----A---- C:\Windows\system32\atiu9p64.dll
2017-05-17 22:22:50 ----A---- C:\Windows\system32\detoured.dll
2017-05-17 22:22:48 ----A---- C:\Windows\SYSWOW64\detoured.dll
2017-05-17 22:22:42 ----A---- C:\Windows\system32\atidxx64.dll
2017-05-17 22:22:36 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2017-05-17 22:22:36 ----A---- C:\Windows\system32\atig6txx.dll
2017-05-17 22:22:34 ----A---- C:\Windows\system32\atig6pxx.dll
2017-05-17 22:22:34 ----A---- C:\Windows\system32\aticfx64.dll
2017-05-17 22:22:32 ----A---- C:\Windows\SYSWOW64\aticfx32.dll
2017-05-17 22:21:58 ----A---- C:\Windows\system32\atiumd6a.dll
2017-05-17 22:21:56 ----A---- C:\Windows\system32\atiadlxx.dll
2017-05-17 22:21:38 ----A---- C:\Windows\system32\coinst_17.10.dll
2017-05-17 22:20:42 ----A---- C:\Windows\system32\atio6axx.dll
2017-05-14 16:10:11 ----D---- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
2017-05-14 15:56:02 ----D---- C:\Program Files\CCleaner
2017-05-11 13:30:59 ----RD---- C:\Program Files (x86)
2017-05-11 13:23:36 ----D---- C:\Windows\system32\Macromed
2017-05-10 22:24:01 ----D---- C:\Windows\winsxs
2017-05-10 22:23:56 ----D---- C:\Windows\system32\catroot2
2017-05-10 20:38:13 ----D---- C:\Windows\rescache
2017-05-10 20:10:17 ----D---- C:\Windows\Microsoft.NET
2017-05-10 20:00:02 ----RSD---- C:\Windows\assembly
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\migration
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\en-US
2017-05-10 15:05:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2017-05-10 15:05:40 ----D---- C:\Windows\system32\migration
2017-05-10 15:05:40 ----D---- C:\Windows\system32\en-US
2017-05-10 15:05:40 ----D---- C:\Windows\system32\cs-CZ
2017-05-10 15:05:40 ----D---- C:\Windows\PolicyDefinitions
2017-05-10 15:05:40 ----D---- C:\Program Files\Internet Explorer
2017-05-10 15:05:24 ----D---- C:\Windows\system32\Boot
2017-05-10 15:05:24 ----D---- C:\Windows\AppPatch
2017-05-10 15:05:24 ----D---- C:\Program Files (x86)\Internet Explorer
2017-05-10 13:48:02 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-05-10 13:28:02 ----D---- C:\ProgramData\Microsoft Help
2017-05-09 19:25:14 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-05-09 19:25:12 ----D---- C:\Windows\SYSWOW64\Macromed
2017-05-01 12:53:30 ----D---- C:\ProgramData\Package Cache
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
====== List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2014-10-28 62152]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2017-05-09 190256]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2017-05-09 334576]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2017-05-09 49016]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2017-05-09 75704]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2017-05-09 339696]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-11-08 108832]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-03-06 20464]
R0 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [2017-05-31 251832]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-11-08 233760]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2016-08-10 386680]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-11-08 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-11-08 183224]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-11-08 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-11-08 117024]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2017-05-09 311808]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2017-05-09 32600]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2017-05-09 101152]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2017-05-09 1007160]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2017-05-09 569192]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2014-04-16 738472]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2014-04-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2016-08-10 283064]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 31400]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae64.sys [2017-04-12 77440]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO64A.SYS [2017-05-30 27552]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2012-08-24 126944]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2017-05-17 305544]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2017-05-09 128648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2017-05-12 158880]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [2017-04-11 186304]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-11-08 367200]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2017-05-17 36551048]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2017-05-17 520584]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-12-20 96256]
R3 ikbevent;Intel Upper keyboard Class Filter Driver; C:\Windows\system32\DRIVERS\ikbevent.sys [2013-08-01 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver; C:\Windows\system32\DRIVERS\imsevent.sys [2013-08-01 21920]
R3 INETMON;INETMON; \??\C:\Windows\System32\Drivers\INETMON.sys [2013-08-01 29088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-05-13 3962840]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver; C:\Windows\system32\DRIVERS\ISCTD64.sys [2013-08-01 46568]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-03-06 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-03-06 791024]
R3 MBAMFarflt;MBAMFarflt; \??\C:\Windows\system32\drivers\farflt.sys [2017-05-31 111544]
R3 MBAMProtection;MBAMProtection; \??\C:\Windows\system32\drivers\mbam.sys [2017-05-31 43968]
R3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [2017-05-31 82720]
R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-17 99288]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2014-02-05 82048]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys []
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys []
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys []
S1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2014-04-16 105552]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2017-05-09 38296]
S3 BCMH43XX;Ovladač síťového USB adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwlhigh664.sys [2015-03-09 1255672]
S3 ggflt;SOMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2014-08-10 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsomc.sys [2014-08-10 30424]
S3 MSICDSetup;MSICDSetup; \??\I:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\I:\NTIOLib_X64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 Pcouffin64;Low level access layer for CD devices; C:\Windows\System32\Drivers\pcouffin64a.sys [2013-11-30 55136]
S3 pfc;Padus ASPI Shell; C:\Windows\system32\drivers\pfc.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-11-08 1462560]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2013-03-18 54784]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
====== List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled) ======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-02-15 1143720]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-04-25 83056]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-11-08 3783672]
R2 AHDDC2;Ashampoo HDD Control 2 Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [2011-11-25 1517976]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2017-05-17 543112]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2017-05-17 121856]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-05-09 263304]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll" = %SystemRoot%\system32\diagtrack.dll
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-08-01 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-01-20 4355024]
R2 PDF24;PDF24; D:\Program Files (x86)\PDF24\pdf24.exe [2016-12-20 217736]
R2 PS3 Media Server;PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [2012-11-27 384280]
R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-03-20 7084672]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-30 6887696]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-05-09 7346208]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll" = %SystemRoot%\System32\umrdp.dll
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-26 105096]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-26 125064]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06 153752]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2014-02-01 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09 271864]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll" = %SystemRoot%\System32\appmgmts.dll
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-26 51320]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-06 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-04-16 116224]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-27 173512]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll" = %SystemRoot%\system32\peerdistsvc.dll
S4 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-26 135800]
-----------------EOF-----------------
- Rudy
- Site Admin

- Posts: 119669
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: PC is making a sound
Hello!
How does your operating system stand in terms of legality?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
- Rudy
- Site Admin

- Posts: 119669
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: PC is making a sound
OK. Run this scan:
Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Launch it, tick "For all users", "LOP malware check" and "PURITY malware check", copy the script below into the lower white box, and click >Scan<. Post both logs.
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*loader* /s
Re: PC is making a sound
OTL logfile created on: 31.5.2017 19:31:09 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\23102013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18665)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,93 Gb Total Physical Memory | 9,24 Gb Available Physical Memory | 58,03% Memory free
31,86 Gb Paging File | 22,09 Gb Available in Paging File | 69,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 5,58 Gb Free Space | 5,00% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 505,64 Gb Free Space | 54,28% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 152,35 Gb Free Space | 16,36% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 111,30 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
Drive I: | 1,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: 23102013-PC | User Name: 23102013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2017.05.31 19:30:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
PRC - [2017.05.27 17:49:03 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2017.05.17 18:28:43 | 026,774,280 | ---- | M] (Wargaming.net) -- D:\Games\World_of_Tanks\WorldOfTanks.exe
PRC - [2017.05.09 20:32:21 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017.05.09 20:32:19 | 000,263,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2017.04.29 10:07:51 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017.01.20 08:57:12 | 002,780,112 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2016.12.20 14:28:06 | 000,217,736 | ---- | M] (Geek Software GmbH) -- D:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2016.08.09 13:22:48 | 014,786,736 | ---- | M] (MyHeritage) -- D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
PRC - [2015.11.30 12:50:42 | 006,887,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2014.11.10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014.11.10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
PRC - [2014.03.06 04:08:50 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.11.08 15:59:33 | 003,783,672 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013.07.26 20:44:26 | 006,381,192 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2013.03.20 20:28:20 | 007,084,672 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013.01.10 15:12:20 | 001,103,424 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
PRC - [2012.11.27 18:42:12 | 000,384,280 | ---- | M] (Tanuki Software, Ltd.) -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
PRC - [2012.08.24 09:57:08 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011.11.25 10:32:30 | 001,517,976 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
========== Modules (No Company Name) ==========
MOD - [2017.05.31 18:21:57 | 000,030,800 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_ping.pyd
MOD - [2017.05.31 18:21:44 | 000,048,712 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_wwise.pyd
MOD - [2017.05.31 18:21:42 | 000,129,096 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\_ctypes.pyd
MOD - [2017.05.31 18:21:42 | 000,045,648 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_console.pyd
MOD - [2017.05.31 18:21:42 | 000,036,432 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_wotfix.pyd
MOD - [2017.05.10 18:35:26 | 000,048,392 | ---- | M] () -- D:\Games\World_of_Tanks\voip.dll
MOD - [2017.05.09 20:32:22 | 067,717,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2017.05.09 20:32:21 | 000,997,896 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll
MOD - [2017.05.09 20:32:20 | 000,684,656 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017.05.09 20:32:20 | 000,223,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2017.05.09 20:32:20 | 000,176,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
MOD - [2017.05.09 20:32:19 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017.05.09 20:32:17 | 000,291,824 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2016.02.16 22:28:28 | 001,529,344 | ---- | M] () -- D:\Games\World_of_Tanks\ResIL.dll
MOD - [2016.02.16 22:28:28 | 000,140,288 | ---- | M] () -- D:\Games\World_of_Tanks\ILU.dll
MOD - [2014.02.11 13:48:30 | 000,323,568 | ---- | M] () -- D:\Games\World_of_Tanks\ortp.dll
MOD - [2013.09.05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2017.05.17 22:22:32 | 000,543,112 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2017.05.17 15:37:48 | 000,121,856 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe -- (amdacpusrsvc)
SRV:64bit: - [2017.05.09 20:32:19 | 000,263,304 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2017.05.09 20:32:18 | 007,346,208 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2017.04.16 10:37:33 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2017.01.20 08:54:02 | 004,355,024 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2016.08.22 18:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.08.27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.08.27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.08.01 17:31:10 | 000,198,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017.05.31 17:18:48 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2017.05.27 17:49:03 | 000,173,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.05.09 19:25:16 | 000,271,864 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017.03.26 20:33:36 | 000,105,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016.12.20 14:28:06 | 000,217,736 | ---- | M] (Geek Software GmbH) [Auto | Running] -- D:\Program Files (x86)\PDF24\pdf24.exe -- (PDF24)
SRV - [2015.11.30 12:50:42 | 006,887,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014.11.10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014.11.10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.11.08 15:59:33 | 003,783,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013.03.20 20:28:20 | 007,084,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013.02.15 14:01:52 | 001,143,720 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.11.27 18:42:12 | 000,384,280 | ---- | M] (Tanuki Software, Ltd.) [Auto | Running] -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe -- (PS3 Media Server)
SRV - [2011.11.25 10:32:30 | 001,517,976 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2017.05.31 17:34:44 | 000,082,720 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:64bit: - [2017.05.31 17:34:36 | 000,111,544 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:64bit: - [2017.05.31 17:34:34 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:64bit: - [2017.05.31 17:34:31 | 000,251,832 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2017.05.17 22:22:40 | 000,520,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2017.05.17 22:21:36 | 000,305,544 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amdacpksd.sys -- (amdacpksd)
DRV:64bit: - [2017.05.17 22:21:20 | 036,551,048 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2017.05.17 11:23:58 | 001,057,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2017.05.12 20:32:42 | 000,158,880 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2017.05.09 20:32:23 | 000,569,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2017.05.09 20:32:23 | 000,339,696 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2017.05.09 20:32:23 | 000,128,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2017.05.09 20:32:23 | 000,101,152 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2017.05.09 20:32:23 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2017.05.09 20:32:23 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2017.05.09 20:32:18 | 001,007,160 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2017.05.09 20:32:18 | 000,032,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2017.05.09 20:32:17 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2017.05.09 20:32:17 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2017.05.09 20:32:17 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2017.05.09 20:32:17 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2017.04.12 21:39:41 | 000,077,440 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:64bit: - [2017.04.11 18:43:36 | 000,186,304 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon)
DRV:64bit: - [2017.01.06 22:51:37 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zam64.sys -- (ZAM)
DRV:64bit: - [2017.01.06 22:51:36 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zamguard64.sys -- (ZAM_Guard)
DRV:64bit: - [2016.12.20 14:41:46 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2016.08.10 19:40:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2016.08.10 19:34:15 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.03.09 22:01:26 | 001,255,672 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2014.11.10 12:12:38 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.10.28 01:46:12 | 000,062,152 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2014.08.10 21:12:38 | 000,030,424 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsomc.sys -- (ggsomc)
DRV:64bit: - [2014.08.10 21:12:38 | 000,016,088 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2014.03.06 04:08:20 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2014.03.06 04:08:18 | 000,791,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2014.03.06 04:08:18 | 000,370,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2014.02.05 11:30:19 | 000,082,048 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2013.11.30 18:35:54 | 000,055,136 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin64a.sys -- (Pcouffin64)
DRV:64bit: - [2013.11.08 15:59:34 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2013.11.08 15:59:33 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2013.11.08 15:59:33 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2013.11.08 15:59:33 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2013.11.08 15:59:31 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013.11.08 15:59:30 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2013.11.08 15:59:29 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013.11.08 15:59:29 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013.08.01 17:01:34 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013.08.01 17:01:32 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013.08.01 17:01:32 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013.08.01 17:01:32 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.24 09:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.28 15:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2012.12.29 22:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2003.10.10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.10.10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.09.06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 28 B8 F0 D9 7E 67 D2 01 [binary data]
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.6.14
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.6.6
FF - prefs.js..extensions.enabledAddons: playflash%40xpi:25.0.0.171
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.3
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\23102013\AppData\Roaming\Mozilla\plugins\npo1d.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2017.05.11 13:31:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Extensions
[2017.05.25 18:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\browser-extension-data
[2017.05.25 18:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017.05.31 18:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions
[2017.05.27 17:49:05 | 000,000,000 | ---D | M] (PlayFlash 32bit) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi
[2017.05.15 14:36:34 | 001,003,355 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2017.05.31 18:28:57 | 000,352,827 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\sp@avast.com.xpi
[2017.05.31 18:28:58 | 000,694,121 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\wrc@avast.com.xpi
[2017.02.03 17:09:26 | 000,396,497 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2017.05.25 18:29:00 | 001,058,587 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017.05.27 18:28:59 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\features\{59fbbee5-2c12-4c98-be2a-ae81a371fbbc}\shield-recipe-client@mozilla.org.xpi
[2017.05.27 17:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2017.01.30 14:20:57 | 000,001,172 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 systweak.com
O1 - Hosts: 127.0.0.1 updateservice1.systweak.com
O1 - Hosts: 127.0.0.1 www.systweak.com
O1 - Hosts: 127.0.0.1 systemspeedup.systweak.com
O1 - Hosts: 127.0.0.1 systweak.com/STCheckGenuineness
O1 - Hosts: 0.0.0.0 keystone.mwbsys.com 127.0.0.1 example.net
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Family Tree Builder Update] D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [PDFPrint] D:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [AMDDVR] C:\Program Files\AMD\CNext\CNext\amddvr.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [Google Update] C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [uTorrent] C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36A3DAA9-455C-4449-9214-5FA5BBCF6D33}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46DA537C-44A5-40DF-BF57-A884AD8021D2}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.10.25 17:11:15 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.01.07 23:06:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell - "" = AutoRun
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell\AutoRun\command - "" = H:\HiSuiteDownLoader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\I\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - AC3ACM.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2017.05.31 19:30:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
[2017.05.31 17:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.05.31 17:32:01 | 001,057,264 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2017.05.31 17:32:01 | 000,131,568 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2017.05.31 17:27:02 | 000,000,000 | ---D | C] -- C:\Users\23102013\Intel
[2017.05.31 15:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2017.05.29 20:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
[2017.05.18 22:17:22 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\ChanSort
[2017.05.18 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\23102013\.android
[2017.05.17 22:23:18 | 007,663,888 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2017.05.17 22:23:12 | 000,143,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2017.05.17 22:22:44 | 000,544,136 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2017.05.17 22:22:42 | 000,114,056 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2017.05.17 22:22:40 | 000,520,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2017.05.17 22:22:38 | 000,194,952 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2017.05.17 22:22:32 | 000,768,392 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2017.05.17 22:22:32 | 000,543,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2017.05.17 22:22:26 | 000,458,632 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2017.05.17 22:22:22 | 000,078,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2017.05.17 22:22:22 | 000,036,232 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\RapidFireServer64.dll
[2017.05.17 22:22:20 | 000,068,488 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2017.05.17 22:22:20 | 000,033,672 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\RapidFireServer.dll
[2017.05.17 22:22:18 | 000,537,992 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\Rapidfire64.dll
[2017.05.17 22:22:18 | 000,469,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\Rapidfire.dll
[2017.05.17 22:22:16 | 000,161,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2017.05.17 22:22:14 | 015,728,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2017.05.17 22:22:14 | 000,126,344 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2017.05.17 22:22:12 | 000,182,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2017.05.17 22:22:12 | 000,142,216 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2017.05.17 22:22:10 | 000,349,064 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2017.05.17 22:22:08 | 014,318,984 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2017.05.17 22:22:08 | 000,067,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2017.05.17 22:22:06 | 000,072,072 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2017.05.17 22:22:06 | 000,065,416 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2017.05.17 22:22:04 | 013,254,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2017.05.17 22:22:02 | 000,060,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2017.05.17 22:22:00 | 000,402,312 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2017.05.17 22:21:58 | 001,032,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2017.05.17 22:21:52 | 000,185,600 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2017.05.17 22:21:52 | 000,154,152 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2017.05.17 22:21:48 | 000,128,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2017.05.17 22:21:46 | 000,106,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2017.05.17 22:21:44 | 009,899,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2017.05.17 22:21:44 | 000,112,520 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2017.05.17 22:21:42 | 000,103,304 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2017.05.17 22:21:40 | 007,955,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2017.05.17 22:21:38 | 000,855,432 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdlvr64.dll
[2017.05.17 22:21:36 | 000,687,496 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdlvr32.dll
[2017.05.17 22:21:36 | 000,305,544 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2017.05.17 22:21:32 | 059,236,744 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2017.05.17 22:21:32 | 000,159,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2017.05.17 22:21:32 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2017.05.17 22:21:26 | 028,797,832 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2017.05.17 22:21:22 | 022,739,336 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2017.05.17 22:21:20 | 036,551,048 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2017.05.17 22:21:18 | 046,456,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2017.05.17 22:21:16 | 002,527,624 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amfrt64.dll
[2017.05.17 22:21:14 | 002,189,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amfrt32.dll
[2017.05.17 22:21:10 | 010,313,608 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdvlk64.dll
[2017.05.17 22:21:06 | 008,470,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdvlk32.dll
[2017.05.17 22:21:02 | 000,166,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amduve64.dll
[2017.05.17 22:21:00 | 000,135,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amduve32.dll
[2017.05.17 22:20:56 | 026,827,656 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2017.05.17 22:20:56 | 000,066,952 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2017.05.17 22:20:54 | 000,082,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmcl64.dll
[2017.05.17 22:20:54 | 000,054,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2017.05.17 22:20:52 | 000,066,440 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmcl32.dll
[2017.05.17 16:20:22 | 000,149,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdihk64.dll
[2017.05.17 16:20:22 | 000,127,880 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdihk32.dll
[2017.05.17 15:37:22 | 000,364,544 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\amdacpusl.dll
[2017.05.17 15:37:18 | 000,248,832 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysWow64\amdacpusl.dll
[2017.05.14 15:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017.05.11 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Roaming\Mozilla
[2017.05.11 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\Mozilla
[2017.05.11 13:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2017.05.11 13:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017.05.11 13:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Resource Kits
[2017.05.10 22:29:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.05.10 15:48:40 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\Adobe
[2017.05.10 15:41:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2017.05.10 12:49:43 | 005,977,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017.05.10 12:49:43 | 002,065,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017.05.10 12:49:42 | 005,547,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017.05.10 12:49:42 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017.05.10 12:49:42 | 003,945,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017.05.10 12:49:42 | 002,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017.05.10 12:49:42 | 002,057,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017.05.10 12:49:42 | 001,483,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017.05.10 12:49:42 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017.05.10 12:49:42 | 000,876,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017.05.10 12:49:42 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017.05.10 12:49:42 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017.05.10 12:49:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017.05.10 12:49:41 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017.05.10 12:49:41 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017.05.10 12:49:41 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017.05.10 12:49:41 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017.05.10 12:49:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017.05.10 12:49:41 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017.05.10 12:49:41 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017.05.10 12:49:41 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017.05.10 12:49:41 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017.05.10 12:49:41 | 000,706,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017.05.10 12:49:41 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017.05.10 12:49:41 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017.05.10 12:49:41 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017.05.10 12:49:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017.05.10 12:49:41 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017.05.10 12:49:41 | 000,377,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2017.05.10 12:49:41 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017.05.10 12:49:41 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017.05.10 12:49:41 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2017.05.10 12:49:41 | 000,287,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2017.05.10 12:49:41 | 000,265,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2017.05.10 12:49:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2017.05.10 12:49:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017.05.10 12:49:41 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017.05.10 12:49:41 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017.05.10 12:49:41 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017.05.10 12:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2017.05.10 12:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2017.05.10 12:49:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\plasrv.exe
[2017.05.10 12:49:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2017.05.10 12:49:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2017.05.10 12:49:40 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017.05.10 12:49:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2017.05.10 12:49:40 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017.05.10 12:49:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2017.05.10 12:49:40 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017.05.10 12:49:40 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017.05.10 12:49:40 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017.05.10 12:49:40 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017.05.10 12:49:40 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017.05.10 12:49:40 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017.05.10 12:49:40 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017.05.10 12:49:40 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017.05.10 12:49:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017.05.10 12:49:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017.05.10 12:49:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017.05.10 12:49:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017.05.10 12:49:40 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017.05.10 12:49:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017.05.10 12:49:40 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017.05.10 12:49:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017.05.10 12:49:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017.05.10 12:49:40 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017.05.10 12:49:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017.05.10 12:49:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017.05.10 12:49:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017.05.10 12:49:40 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2017.05.10 12:49:40 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017.05.10 12:49:40 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017.05.10 12:49:40 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017.05.10 12:49:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017.05.10 12:49:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017.05.10 12:49:40 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017.05.10 12:49:40 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017.05.10 12:49:40 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017.05.10 12:49:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017.05.10 12:49:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017.05.10 12:49:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017.05.10 12:49:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017.05.10 12:49:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017.05.10 12:49:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017.05.10 12:49:39 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017.05.10 12:49:39 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017.05.10 12:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017.05.10 12:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017.05.10 12:49:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2017.05.10 12:49:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017.05.10 12:49:39 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017.05.10 12:49:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017.05.10 12:49:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017.05.10 12:49:39 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017.05.10 12:49:39 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017.05.10 12:49:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017.05.10 12:49:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017.05.10 12:49:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017.05.10 12:49:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017.05.10 12:49:39 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017.05.10 12:49:39 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017.05.10 12:49:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017.05.10 12:49:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017.05.10 12:49:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017.05.10 12:49:39 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017.05.10 12:49:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017.05.10 12:49:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017.05.10 12:49:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017.05.10 12:49:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017.05.10 12:49:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017.05.10 12:49:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017.05.10 12:49:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017.05.10 12:49:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017.05.10 12:49:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017.05.10 12:49:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017.05.10 12:49:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017.05.10 12:49:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017.05.09 20:32:28 | 000,400,456 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.05 11:30:18 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\23102013\AppData\Roaming\pcouffin.sys
[76 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[32 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\23102013\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18665)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
15,93 Gb Total Physical Memory | 9,24 Gb Available Physical Memory | 58,03% Memory free
31,86 Gb Paging File | 22,09 Gb Available in Paging File | 69,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,79 Gb Total Space | 5,58 Gb Free Space | 5,00% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 505,64 Gb Free Space | 54,28% Space Free | Partition Type: NTFS
Drive E: | 931,51 Gb Total Space | 152,35 Gb Free Space | 16,36% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 111,30 Gb Free Space | 11,95% Space Free | Partition Type: NTFS
Drive I: | 1,46 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: 23102013-PC | User Name: 23102013 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2017.05.31 19:30:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
PRC - [2017.05.27 17:49:03 | 000,517,064 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2017.05.17 18:28:43 | 026,774,280 | ---- | M] (Wargaming.net) -- D:\Games\World_of_Tanks\WorldOfTanks.exe
PRC - [2017.05.09 20:32:21 | 008,470,464 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2017.05.09 20:32:19 | 000,263,304 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2017.04.29 10:07:51 | 000,288,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
PRC - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2017.01.20 08:57:12 | 002,780,112 | ---- | M] (Malwarebytes) -- C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
PRC - [2016.12.20 14:28:06 | 000,217,736 | ---- | M] (Geek Software GmbH) -- D:\Program Files (x86)\PDF24\pdf24.exe
PRC - [2016.08.09 13:22:48 | 014,786,736 | ---- | M] (MyHeritage) -- D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
PRC - [2015.11.30 12:50:42 | 006,887,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
PRC - [2014.11.10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2014.11.10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
PRC - [2014.03.06 04:08:50 | 000,292,848 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2013.11.08 15:59:33 | 003,783,672 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2013.07.26 20:44:26 | 006,381,192 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2013.03.20 20:28:20 | 007,084,672 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2013.01.10 15:12:20 | 001,103,424 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
PRC - [2012.11.27 18:42:12 | 000,384,280 | ---- | M] (Tanuki Software, Ltd.) -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
PRC - [2012.08.24 09:57:08 | 000,336,992 | ---- | M] (Power Software Ltd) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2011.11.25 10:32:30 | 001,517,976 | ---- | M] () -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
========== Modules (No Company Name) ==========
MOD - [2017.05.31 18:21:57 | 000,030,800 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_ping.pyd
MOD - [2017.05.31 18:21:44 | 000,048,712 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_wwise.pyd
MOD - [2017.05.31 18:21:42 | 000,129,096 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\_ctypes.pyd
MOD - [2017.05.31 18:21:42 | 000,045,648 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_console.pyd
MOD - [2017.05.31 18:21:42 | 000,036,432 | ---- | M] () -- c:\Users\23102013\AppData\Local\Temp\world_of_tanks\com.modxvm.xfw\native\xfw_wotfix.pyd
MOD - [2017.05.10 18:35:26 | 000,048,392 | ---- | M] () -- D:\Games\World_of_Tanks\voip.dll
MOD - [2017.05.09 20:32:22 | 067,717,632 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2017.05.09 20:32:21 | 000,997,896 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\AvChrome.dll
MOD - [2017.05.09 20:32:20 | 000,684,656 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
MOD - [2017.05.09 20:32:20 | 000,223,224 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\tasks_core.dll
MOD - [2017.05.09 20:32:20 | 000,176,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
MOD - [2017.05.09 20:32:19 | 000,170,216 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2017.05.09 20:32:17 | 000,291,824 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
MOD - [2016.02.16 22:28:28 | 001,529,344 | ---- | M] () -- D:\Games\World_of_Tanks\ResIL.dll
MOD - [2016.02.16 22:28:28 | 000,140,288 | ---- | M] () -- D:\Games\World_of_Tanks\ILU.dll
MOD - [2014.02.11 13:48:30 | 000,323,568 | ---- | M] () -- D:\Games\World_of_Tanks\ortp.dll
MOD - [2013.09.05 01:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
========== Services (SafeList) ==========
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2017.05.17 22:22:32 | 000,543,112 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2017.05.17 15:37:48 | 000,121,856 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe -- (amdacpusrsvc)
SRV:64bit: - [2017.05.09 20:32:19 | 000,263,304 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2017.05.09 20:32:18 | 007,346,208 | ---- | M] (AVAST Software s.r.o.) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV:64bit: - [2017.04.16 10:37:33 | 000,116,224 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2017.01.20 08:54:02 | 004,355,024 | ---- | M] (Malwarebytes) [Auto | Running] -- C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe -- (MBAMService)
SRV:64bit: - [2016.08.22 18:19:43 | 001,386,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2013.08.27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.08.27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2013.08.01 17:31:10 | 000,198,120 | ---- | M] () [Auto | Running] -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe -- (ISCTAgent)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2017.05.31 17:18:48 | 000,024,576 | ---- | M] (Realtek Semiconductor.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe -- (SetupARService)
SRV - [2017.05.27 17:49:03 | 000,173,512 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2017.05.09 19:25:16 | 000,271,864 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2017.04.25 09:12:12 | 000,083,056 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2017.03.26 20:33:36 | 000,105,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2016.12.20 14:28:06 | 000,217,736 | ---- | M] (Geek Software GmbH) [Auto | Running] -- D:\Program Files (x86)\PDF24\pdf24.exe -- (PDF24)
SRV - [2015.11.30 12:50:42 | 006,887,696 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2014.11.10 12:12:42 | 000,409,376 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2014.11.10 12:12:38 | 000,158,496 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.11.08 15:59:33 | 003,783,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013.03.20 20:28:20 | 007,084,672 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013.02.15 14:01:52 | 001,143,720 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012.11.27 18:42:12 | 000,384,280 | ---- | M] (Tanuki Software, Ltd.) [Auto | Running] -- C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe -- (PS3 Media Server)
SRV - [2011.11.25 10:32:30 | 001,517,976 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2017.05.31 17:34:44 | 000,082,720 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebProtection)
DRV:64bit: - [2017.05.31 17:34:36 | 000,111,544 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\farflt.sys -- (MBAMFarflt)
DRV:64bit: - [2017.05.31 17:34:34 | 000,043,968 | ---- | M] (Malwarebytes) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtection)
DRV:64bit: - [2017.05.31 17:34:31 | 000,251,832 | ---- | M] (Malwarebytes) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV:64bit: - [2017.05.17 22:22:40 | 000,520,584 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2017.05.17 22:21:36 | 000,305,544 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\amdacpksd.sys -- (amdacpksd)
DRV:64bit: - [2017.05.17 22:21:20 | 036,551,048 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2017.05.17 11:23:58 | 001,057,264 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2017.05.12 20:32:42 | 000,158,880 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2017.05.09 20:32:23 | 000,569,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2017.05.09 20:32:23 | 000,339,696 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2017.05.09 20:32:23 | 000,128,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2017.05.09 20:32:23 | 000,101,152 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2017.05.09 20:32:23 | 000,075,704 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2017.05.09 20:32:23 | 000,038,296 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2017.05.09 20:32:18 | 001,007,160 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2017.05.09 20:32:18 | 000,032,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2017.05.09 20:32:17 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2017.05.09 20:32:17 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2017.05.09 20:32:17 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2017.05.09 20:32:17 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2017.04.12 21:39:41 | 000,077,440 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mbae64.sys -- (ESProtectionDriver)
DRV:64bit: - [2017.04.11 18:43:36 | 000,186,304 | ---- | M] (Malwarebytes) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\MBAMChameleon.sys -- (MBAMChameleon)
DRV:64bit: - [2017.01.06 22:51:37 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zam64.sys -- (ZAM)
DRV:64bit: - [2017.01.06 22:51:36 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zamguard64.sys -- (ZAM_Guard)
DRV:64bit: - [2016.12.20 14:41:46 | 000,096,256 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2016.08.10 19:40:15 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2016.08.10 19:34:15 | 000,386,680 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2015.06.11 19:15:53 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.03.09 22:01:26 | 001,255,672 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2014.11.10 12:12:38 | 000,129,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014.10.28 01:46:12 | 000,062,152 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2014.08.10 21:12:38 | 000,030,424 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsomc.sys -- (ggsomc)
DRV:64bit: - [2014.08.10 21:12:38 | 000,016,088 | ---- | M] (Sony Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2014.03.06 04:08:20 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2014.03.06 04:08:18 | 000,791,024 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2014.03.06 04:08:18 | 000,370,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2014.02.05 11:30:19 | 000,082,048 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2013.11.30 18:35:54 | 000,055,136 | ---- | M] (VSO Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pcouffin64a.sys -- (Pcouffin64)
DRV:64bit: - [2013.11.08 15:59:34 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2013.11.08 15:59:33 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2013.11.08 15:59:33 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2013.11.08 15:59:33 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2013.11.08 15:59:31 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013.11.08 15:59:30 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2013.11.08 15:59:29 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013.11.08 15:59:29 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013.08.01 17:01:34 | 000,021,920 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\imsevent.sys -- (imsevent)
DRV:64bit: - [2013.08.01 17:01:32 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2013.08.01 17:01:32 | 000,029,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\INETMON.sys -- (INETMON)
DRV:64bit: - [2013.08.01 17:01:32 | 000,021,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ikbevent.sys -- (ikbevent)
DRV:64bit: - [2013.03.18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.08.24 09:56:56 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.11.28 15:51:44 | 000,033,872 | ---- | M] (AnvSoft Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\anvsnddrv.sys -- (anvsnddrv)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.17 19:11:25 | 000,031,400 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2012.12.29 22:59:38 | 000,028,664 | ---- | M] (Almico Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
DRV - [2003.10.10 16:06:26 | 000,062,720 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prohlp02.sys -- (prohlp02)
DRV - [2003.10.10 15:06:24 | 000,052,128 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.09.06 14:27:06 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\prosync1.sys -- (prosync1)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 28 B8 F0 D9 7E 67 D2 01 [binary data]
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..browser.startup.homepage: "https://www.seznam.cz/"
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.6.14
FF - prefs.js..extensions.enabledAddons: ClassicThemeRestorer%40ArisT2Noia4dev:1.6.6
FF - prefs.js..extensions.enabledAddons: playflash%40xpi:25.0.0.171
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:53.0.3
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2: C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\23102013\AppData\Roaming\Mozilla\plugins\npo1d.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 53.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2017.05.11 13:31:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Extensions
[2017.05.25 18:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\browser-extension-data
[2017.05.25 18:29:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\browser-extension-data\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2017.05.31 18:28:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions
[2017.05.27 17:49:05 | 000,000,000 | ---D | M] (PlayFlash 32bit) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi
[2017.05.15 14:36:34 | 001,003,355 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi
[2017.05.31 18:28:57 | 000,352,827 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\sp@avast.com.xpi
[2017.05.31 18:28:58 | 000,694,121 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\wrc@avast.com.xpi
[2017.02.03 17:09:26 | 000,396,497 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2017.05.25 18:29:00 | 001,058,587 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2017.05.27 18:28:59 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\features\{59fbbee5-2c12-4c98-be2a-ae81a371fbbc}\shield-recipe-client@mozilla.org.xpi
[2017.05.27 17:49:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
========== Chrome ==========
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\12.0.199_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\12.0.214_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_1\
CHR - Extension: No name found = C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5817.313.0.5_0\
O1 HOSTS File: ([2017.01.30 14:20:57 | 000,001,172 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 systweak.com
O1 - Hosts: 127.0.0.1 updateservice1.systweak.com
O1 - Hosts: 127.0.0.1 www.systweak.com
O1 - Hosts: 127.0.0.1 systemspeedup.systweak.com
O1 - Hosts: 127.0.0.1 systweak.com/STCheckGenuineness
O1 - Hosts: 0.0.0.0 keystone.mwbsys.com 127.0.0.1 example.net
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe (AVAST Software)
O4:64bit: - HKLM..\Run: [Malwarebytes TrayApp] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Family Tree Builder Update] D:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe (MyHeritage)
O4 - HKLM..\Run: [IMSS] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe (Intel Corporation)
O4 - HKLM..\Run: [PDFPrint] D:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (Power Software Ltd)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [AMDDVR] C:\Program Files\AMD\CNext\CNext\amddvr.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [Google Update] C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe (Google Inc.)
O4 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000..\Run: [uTorrent] C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..Trusted Domains: localhost ([]http in Internet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36A3DAA9-455C-4449-9214-5FA5BBCF6D33}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46DA537C-44A5-40DF-BF57-A884AD8021D2}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.10.25 17:11:15 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.01.07 23:06:25 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell - "" = AutoRun
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell\AutoRun\command - "" = H:\HiSuiteDownLoader.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O34 - HKLM BootExecute: (cute settings...)
O34 - HKLM BootExecute: (ountPoints2\I\Sh)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
Drivers32:64bit: msacm.ac3acm - AC3ACM.acm (fccHandler)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FFDS - ff_vfw.dll ()
Drivers32:64bit: vidc.XVID - xvidvfw.dll ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2017.05.31 19:30:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
[2017.05.31 17:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SWCUTemp
[2017.05.31 17:32:01 | 001,057,264 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2017.05.31 17:32:01 | 000,131,568 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2017.05.31 17:27:02 | 000,000,000 | ---D | C] -- C:\Users\23102013\Intel
[2017.05.31 15:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2017.05.29 20:50:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
[2017.05.18 22:17:22 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\ChanSort
[2017.05.18 21:19:32 | 000,000,000 | ---D | C] -- C:\Users\23102013\.android
[2017.05.17 22:23:18 | 007,663,888 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2017.05.17 22:23:12 | 000,143,864 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2017.05.17 22:22:44 | 000,544,136 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2017.05.17 22:22:42 | 000,114,056 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2017.05.17 22:22:40 | 000,520,584 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2017.05.17 22:22:38 | 000,194,952 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2017.05.17 22:22:32 | 000,768,392 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2017.05.17 22:22:32 | 000,543,112 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2017.05.17 22:22:26 | 000,458,632 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2017.05.17 22:22:22 | 000,078,728 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2017.05.17 22:22:22 | 000,036,232 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\RapidFireServer64.dll
[2017.05.17 22:22:20 | 000,068,488 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2017.05.17 22:22:20 | 000,033,672 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\RapidFireServer.dll
[2017.05.17 22:22:18 | 000,537,992 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\Rapidfire64.dll
[2017.05.17 22:22:18 | 000,469,384 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\Rapidfire.dll
[2017.05.17 22:22:16 | 000,161,160 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2017.05.17 22:22:14 | 015,728,008 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2017.05.17 22:22:14 | 000,126,344 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2017.05.17 22:22:12 | 000,182,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2017.05.17 22:22:12 | 000,142,216 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2017.05.17 22:22:10 | 000,349,064 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2017.05.17 22:22:08 | 014,318,984 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2017.05.17 22:22:08 | 000,067,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2017.05.17 22:22:06 | 000,072,072 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2017.05.17 22:22:06 | 000,065,416 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2017.05.17 22:22:04 | 013,254,256 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2017.05.17 22:22:02 | 000,060,296 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2017.05.17 22:22:00 | 000,402,312 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2017.05.17 22:21:58 | 001,032,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2017.05.17 22:21:52 | 000,185,600 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2017.05.17 22:21:52 | 000,154,152 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2017.05.17 22:21:48 | 000,128,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2017.05.17 22:21:46 | 000,106,248 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2017.05.17 22:21:44 | 009,899,912 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2017.05.17 22:21:44 | 000,112,520 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2017.05.17 22:21:42 | 000,103,304 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2017.05.17 22:21:40 | 007,955,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2017.05.17 22:21:38 | 000,855,432 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdlvr64.dll
[2017.05.17 22:21:36 | 000,687,496 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdlvr32.dll
[2017.05.17 22:21:36 | 000,305,544 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2017.05.17 22:21:32 | 059,236,744 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2017.05.17 22:21:32 | 000,159,112 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2017.05.17 22:21:32 | 000,124,808 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2017.05.17 22:21:26 | 028,797,832 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2017.05.17 22:21:22 | 022,739,336 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2017.05.17 22:21:20 | 036,551,048 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2017.05.17 22:21:18 | 046,456,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2017.05.17 22:21:16 | 002,527,624 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amfrt64.dll
[2017.05.17 22:21:14 | 002,189,704 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amfrt32.dll
[2017.05.17 22:21:10 | 010,313,608 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdvlk64.dll
[2017.05.17 22:21:06 | 008,470,920 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdvlk32.dll
[2017.05.17 22:21:02 | 000,166,280 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amduve64.dll
[2017.05.17 22:21:00 | 000,135,560 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amduve32.dll
[2017.05.17 22:20:56 | 026,827,656 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2017.05.17 22:20:56 | 000,066,952 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2017.05.17 22:20:54 | 000,082,824 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmcl64.dll
[2017.05.17 22:20:54 | 000,054,664 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2017.05.17 22:20:52 | 000,066,440 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmcl32.dll
[2017.05.17 16:20:22 | 000,149,896 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdihk64.dll
[2017.05.17 16:20:22 | 000,127,880 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdihk32.dll
[2017.05.17 15:37:22 | 000,364,544 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\amdacpusl.dll
[2017.05.17 15:37:18 | 000,248,832 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysWow64\amdacpusl.dll
[2017.05.14 15:52:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2017.05.11 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Roaming\Mozilla
[2017.05.11 13:31:05 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\Mozilla
[2017.05.11 13:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2017.05.11 13:30:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2017.05.11 13:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Resource Kits
[2017.05.10 22:29:23 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017.05.10 15:48:40 | 000,000,000 | ---D | C] -- C:\Users\23102013\AppData\Local\Adobe
[2017.05.10 15:41:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2017.05.10 12:49:43 | 005,977,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2017.05.10 12:49:43 | 002,065,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2017.05.10 12:49:42 | 005,547,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2017.05.10 12:49:42 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2017.05.10 12:49:42 | 003,945,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2017.05.10 12:49:42 | 002,132,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2017.05.10 12:49:42 | 002,057,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2017.05.10 12:49:42 | 001,483,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2017.05.10 12:49:42 | 000,880,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advapi32.dll
[2017.05.10 12:49:42 | 000,876,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2017.05.10 12:49:42 | 000,116,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2017.05.10 12:49:42 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2017.05.10 12:49:42 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2017.05.10 12:49:41 | 001,732,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2017.05.10 12:49:41 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2017.05.10 12:49:41 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2017.05.10 12:49:41 | 001,212,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2017.05.10 12:49:41 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2017.05.10 12:49:41 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2017.05.10 12:49:41 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2017.05.10 12:49:41 | 000,806,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2017.05.10 12:49:41 | 000,725,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2017.05.10 12:49:41 | 000,706,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2017.05.10 12:49:41 | 000,663,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2017.05.10 12:49:41 | 000,631,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2017.05.10 12:49:41 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2017.05.10 12:49:41 | 000,463,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certcli.dll
[2017.05.10 12:49:41 | 000,405,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll
[2017.05.10 12:49:41 | 000,377,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2017.05.10 12:49:41 | 000,342,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certcli.dll
[2017.05.10 12:49:41 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2017.05.10 12:49:41 | 000,300,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pdh.dll
[2017.05.10 12:49:41 | 000,287,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2017.05.10 12:49:41 | 000,265,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2017.05.10 12:49:41 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pdh.dll
[2017.05.10 12:49:41 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2017.05.10 12:49:41 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2017.05.10 12:49:41 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2017.05.10 12:49:41 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2017.05.10 12:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\oleres.dll
[2017.05.10 12:49:41 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleres.dll
[2017.05.10 12:49:41 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\plasrv.exe
[2017.05.10 12:49:41 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comcat.dll
[2017.05.10 12:49:41 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\comcat.dll
[2017.05.10 12:49:40 | 001,163,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2017.05.10 12:49:40 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2017.05.10 12:49:40 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2017.05.10 12:49:40 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2017.05.10 12:49:40 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2017.05.10 12:49:40 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2017.05.10 12:49:40 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2017.05.10 12:49:40 | 000,615,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2017.05.10 12:49:40 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2017.05.10 12:49:40 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2017.05.10 12:49:40 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2017.05.10 12:49:40 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2017.05.10 12:49:40 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2017.05.10 12:49:40 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2017.05.10 12:49:40 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2017.05.10 12:49:40 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2017.05.10 12:49:40 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2017.05.10 12:49:40 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2017.05.10 12:49:40 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2017.05.10 12:49:40 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2017.05.10 12:49:40 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2017.05.10 12:49:40 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2017.05.10 12:49:40 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2017.05.10 12:49:40 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2017.05.10 12:49:40 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2017.05.10 12:49:40 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2017.05.10 12:49:40 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2017.05.10 12:49:40 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2017.05.10 12:49:40 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2017.05.10 12:49:40 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\bcrypt.dll
[2017.05.10 12:49:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2017.05.10 12:49:40 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2017.05.10 12:49:40 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2017.05.10 12:49:40 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2017.05.10 12:49:40 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2017.05.10 12:49:40 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2017.05.10 12:49:40 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2017.05.10 12:49:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2017.05.10 12:49:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2017.05.10 12:49:39 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2017.05.10 12:49:39 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2017.05.10 12:49:39 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2017.05.10 12:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2017.05.10 12:49:39 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2017.05.10 12:49:39 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2017.05.10 12:49:39 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2017.05.10 12:49:39 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2017.05.10 12:49:39 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2017.05.10 12:49:39 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2017.05.10 12:49:39 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2017.05.10 12:49:39 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2017.05.10 12:49:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2017.05.10 12:49:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2017.05.10 12:49:39 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2017.05.10 12:49:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptbase.dll
[2017.05.10 12:49:39 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2017.05.10 12:49:39 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2017.05.10 12:49:39 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2017.05.10 12:49:39 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2017.05.10 12:49:39 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2017.05.10 12:49:39 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2017.05.10 12:49:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2017.05.10 12:49:39 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2017.05.10 12:49:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2017.05.10 12:49:39 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2017.05.10 12:49:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2017.05.10 12:49:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2017.05.10 12:49:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2017.05.10 12:49:39 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2017.05.10 12:49:39 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2017.05.10 12:49:39 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2017.05.10 12:49:39 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2017.05.10 12:49:39 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2017.05.10 12:49:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2017.05.10 12:49:38 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2017.05.10 12:49:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2017.05.09 20:32:28 | 000,400,456 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014.02.05 11:30:18 | 000,082,048 | ---- | C] (VSO Software) -- C:\Users\23102013\AppData\Roaming\pcouffin.sys
[76 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[32 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
Re: PC is making a sound
========== Files - Modified Within 30 Days ==========
[2017.05.31 19:38:48 | 000,093,399 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2017.05.31 19:38:48 | 000,061,462 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.05.31 19:33:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.05.31 19:30:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
[2017.05.31 17:44:09 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2017.05.31 17:42:23 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.05.31 17:42:23 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.05.31 17:40:29 | 001,593,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.05.31 17:40:29 | 000,672,158 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.05.31 17:40:29 | 000,657,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.05.31 17:40:29 | 000,142,754 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.05.31 17:40:29 | 000,123,008 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.05.31 17:34:44 | 000,082,720 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017.05.31 17:34:36 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017.05.31 17:34:34 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017.05.31 17:34:31 | 000,251,832 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017.05.31 17:34:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.05.31 17:34:20 | 4238,381,054 | -HS- | M] () -- C:\hiberfil.sys
[2017.05.31 17:33:46 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2017.05.31 16:46:22 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2017.05.31 16:31:45 | 001,329,152 | ---- | M] () -- C:\Users\23102013\Desktop\RSITx64.exe
[2017.05.31 15:41:41 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.31 15:35:16 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.05.31 15:33:05 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.05.29 20:24:18 | 000,000,060 | ---- | M] () -- C:\ProgramData\SoftwareUpdateTemp.xml
[2017.05.29 09:19:38 | 004,110,280 | ---- | M] () -- C:\Users\23102013\Desktop\adwcleaner_6.047.exe
[2017.05.17 22:23:22 | 000,207,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2017.05.17 22:23:22 | 000,161,344 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2017.05.17 22:23:18 | 007,663,888 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2017.05.17 22:23:14 | 009,446,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2017.05.17 22:23:12 | 000,185,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2017.05.17 22:23:12 | 000,143,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2017.05.17 22:22:54 | 000,522,632 | ---- | M] () -- C:\Windows\SysNative\GameManager64.dll
[2017.05.17 22:22:52 | 000,543,112 | ---- | M] () -- C:\Windows\SysNative\dgtrayicon.exe
[2017.05.17 22:22:52 | 000,356,744 | ---- | M] () -- C:\Windows\SysWow64\GameManager32.dll
[2017.05.17 22:22:50 | 000,020,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\detoured.dll
[2017.05.17 22:22:48 | 000,020,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\detoured.dll
[2017.05.17 22:22:44 | 000,544,136 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2017.05.17 22:22:42 | 012,228,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2017.05.17 22:22:42 | 000,114,056 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2017.05.17 22:22:40 | 000,520,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2017.05.17 22:22:38 | 000,194,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2017.05.17 22:22:36 | 010,172,456 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2017.05.17 22:22:36 | 000,236,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2017.05.17 22:22:34 | 001,651,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2017.05.17 22:22:34 | 000,155,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2017.05.17 22:22:32 | 001,344,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2017.05.17 22:22:32 | 000,768,392 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2017.05.17 22:22:32 | 000,543,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2017.05.17 22:22:30 | 000,475,016 | ---- | M] () -- C:\Windows\SysNative\atieah64.exe
[2017.05.17 22:22:28 | 000,325,512 | ---- | M] () -- C:\Windows\SysWow64\atieah32.exe
[2017.05.17 22:22:26 | 000,458,632 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2017.05.17 22:22:22 | 000,078,728 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2017.05.17 22:22:22 | 000,036,232 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\RapidFireServer64.dll
[2017.05.17 22:22:20 | 000,068,488 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2017.05.17 22:22:20 | 000,033,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\RapidFireServer.dll
[2017.05.17 22:22:18 | 000,537,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\Rapidfire64.dll
[2017.05.17 22:22:18 | 000,469,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\Rapidfire.dll
[2017.05.17 22:22:16 | 000,161,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2017.05.17 22:22:14 | 015,728,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2017.05.17 22:22:14 | 000,126,344 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2017.05.17 22:22:12 | 000,182,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2017.05.17 22:22:12 | 000,142,216 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2017.05.17 22:22:10 | 000,349,064 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2017.05.17 22:22:08 | 014,318,984 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2017.05.17 22:22:08 | 000,067,464 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2017.05.17 22:22:06 | 000,072,072 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2017.05.17 22:22:06 | 000,065,416 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2017.05.17 22:22:04 | 013,254,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2017.05.17 22:22:02 | 000,060,296 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2017.05.17 22:22:00 | 000,402,312 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2017.05.17 22:21:58 | 014,414,072 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2017.05.17 22:21:56 | 001,507,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2017.05.17 22:21:52 | 000,185,600 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2017.05.17 22:21:52 | 000,154,152 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2017.05.17 22:21:48 | 000,128,968 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2017.05.17 22:21:46 | 000,106,248 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2017.05.17 22:21:44 | 009,899,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2017.05.17 22:21:44 | 000,269,704 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2017.05.17 22:21:44 | 000,112,520 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2017.05.17 22:21:42 | 000,103,304 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2017.05.17 22:21:40 | 007,955,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2017.05.17 22:21:38 | 000,915,848 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_17.10.dll
[2017.05.17 22:21:38 | 000,855,432 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdlvr64.dll
[2017.05.17 22:21:38 | 000,505,736 | ---- | M] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2017.05.17 22:21:38 | 000,351,624 | ---- | M] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2017.05.17 22:21:36 | 000,687,496 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdlvr32.dll
[2017.05.17 22:21:36 | 000,305,544 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2017.05.17 22:21:32 | 059,236,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2017.05.17 22:21:32 | 000,159,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2017.05.17 22:21:32 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2017.05.17 22:21:26 | 028,797,832 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2017.05.17 22:21:22 | 022,739,336 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2017.05.17 22:21:20 | 036,551,048 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2017.05.17 22:21:18 | 046,456,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2017.05.17 22:21:16 | 002,527,624 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amfrt64.dll
[2017.05.17 22:21:14 | 002,189,704 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amfrt32.dll
[2017.05.17 22:21:10 | 010,313,608 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdvlk64.dll
[2017.05.17 22:21:06 | 008,470,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdvlk32.dll
[2017.05.17 22:21:02 | 000,166,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amduve64.dll
[2017.05.17 22:21:00 | 000,135,560 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amduve32.dll
[2017.05.17 22:20:56 | 026,827,656 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2017.05.17 22:20:56 | 000,066,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2017.05.17 22:20:54 | 000,082,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmcl64.dll
[2017.05.17 22:20:54 | 000,054,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2017.05.17 22:20:52 | 000,066,440 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmcl32.dll
[2017.05.17 22:20:42 | 032,733,576 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2017.05.17 21:50:06 | 003,437,632 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2017.05.17 21:45:28 | 003,471,376 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2017.05.17 21:34:12 | 000,794,880 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2017.05.17 21:34:12 | 000,794,880 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2017.05.17 16:20:22 | 000,149,896 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdihk64.dll
[2017.05.17 16:20:22 | 000,127,880 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdihk32.dll
[2017.05.17 15:40:42 | 002,428,928 | ---- | M] () -- C:\Windows\SysNative\amdacpusl.pdb
[2017.05.17 15:37:22 | 000,364,544 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\amdacpusl.dll
[2017.05.17 15:37:22 | 000,306,176 | ---- | M] () -- C:\Windows\SysNative\amdacpusl.pdb.pub
[2017.05.17 15:37:18 | 000,248,832 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysWow64\amdacpusl.dll
[2017.05.17 11:23:58 | 001,057,264 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2017.05.17 11:23:58 | 000,131,568 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2017.05.17 11:23:58 | 000,127,512 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2017.05.16 13:38:08 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.05.12 20:32:42 | 000,158,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2017.05.11 13:31:00 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017.05.10 15:06:22 | 000,436,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.05.10 13:48:02 | 001,568,016 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017.05.09 20:32:23 | 000,569,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.05.09 20:32:23 | 000,400,456 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.05.09 20:32:23 | 000,339,696 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2017.05.09 20:32:23 | 000,128,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.05.09 20:32:23 | 000,101,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.05.09 20:32:23 | 000,075,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.05.09 20:32:23 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.05.09 20:32:18 | 001,007,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.05.09 20:32:18 | 000,032,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.05.09 20:32:17 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.05.09 20:32:17 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.05.09 20:32:17 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.05.09 20:32:17 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.05.09 19:25:14 | 000,803,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017.05.09 19:25:14 | 000,144,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017.05.07 12:24:04 | 000,005,632 | ---- | M] () -- C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2017.05.02 14:19:59 | 000,000,727 | ---- | M] () -- C:\Users\23102013\Desktop\Aslains WoT Logs Archiver.lnk
[76 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[32 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2017.05.31 16:31:44 | 001,329,152 | ---- | C] () -- C:\Users\23102013\Desktop\RSITx64.exe
[2017.05.31 15:41:41 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.29 09:19:37 | 004,110,280 | ---- | C] () -- C:\Users\23102013\Desktop\adwcleaner_6.047.exe
[2017.05.17 22:22:54 | 000,522,632 | ---- | C] () -- C:\Windows\SysNative\GameManager64.dll
[2017.05.17 22:22:52 | 000,543,112 | ---- | C] () -- C:\Windows\SysNative\dgtrayicon.exe
[2017.05.17 22:22:52 | 000,356,744 | ---- | C] () -- C:\Windows\SysWow64\GameManager32.dll
[2017.05.17 22:22:30 | 000,475,016 | ---- | C] () -- C:\Windows\SysNative\atieah64.exe
[2017.05.17 22:22:28 | 000,325,512 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2017.05.17 22:21:44 | 000,269,704 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2017.05.17 22:21:38 | 000,505,736 | ---- | C] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2017.05.17 22:21:38 | 000,351,624 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2017.05.17 21:50:06 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2017.05.17 21:45:28 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2017.05.17 21:34:12 | 000,794,880 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2017.05.17 21:34:12 | 000,794,880 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2017.05.17 15:40:42 | 002,428,928 | ---- | C] () -- C:\Windows\SysNative\amdacpusl.pdb
[2017.05.17 15:37:22 | 000,306,176 | ---- | C] () -- C:\Windows\SysNative\amdacpusl.pdb.pub
[2017.05.14 15:52:07 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.05.11 13:31:00 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2017.05.11 13:31:00 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017.05.10 15:05:40 | 000,092,931 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2017.05.10 15:05:40 | 000,060,970 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.05.01 12:52:12 | 000,000,060 | ---- | C] () -- C:\ProgramData\SoftwareUpdateTemp.xml
[2017.03.18 10:28:53 | 000,005,632 | ---- | C] () -- C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2017.01.29 22:13:38 | 001,938,534 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\U-KIX.del
[2017.01.29 22:13:28 | 000,983,040 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\DonDomnix.exe
[2017.01.29 22:13:22 | 000,983,040 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\Unifinlam.exe
[2017.01.28 00:05:24 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.28 00:04:54 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2017.01.07 20:39:03 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2017.01.07 20:26:02 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.12.16 02:33:50 | 000,273,696 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-37-0.dll
[2016.12.16 02:33:18 | 000,111,392 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-37-0.exe
[2016.11.24 02:14:26 | 000,233,352 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2016.06.23 20:22:00 | 000,264,992 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-17-0.dll
[2016.06.23 20:21:24 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-17-0.exe
[2016.06.17 14:26:04 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2016.04.23 09:35:37 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.04.23 09:35:37 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016.03.01 12:44:17 | 000,217,088 | ---- | C] () -- C:\Windows\UninstallW.exe
[2015.01.29 16:02:35 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.02.06 15:40:43 | 000,006,210 | ---- | C] () -- C:\Users\23102013\UserCustomPreset_Audition.exe.vpr
[2014.02.05 11:30:18 | 000,007,176 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\pcouffin.cat
[2014.02.05 11:30:18 | 000,001,167 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\pcouffin.inf
[2013.11.30 18:39:35 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.10.25 22:41:31 | 000,007,597 | ---- | C] () -- C:\Users\23102013\AppData\Local\resmon.resmoncfg
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.08.29 17:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.08.29 17:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2017.02.09 15:25:15 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\19624
[2013.10.23 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ACD Systems
[2013.11.08 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Acronis
[2015.08.11 13:56:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AMD
[2016.01.16 14:09:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AnvSoft
[2013.10.24 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Ashampoo
[2017.05.31 17:22:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Audacity
[2013.10.23 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AVAST Software
[2014.03.09 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\avidemux
[2017.05.14 16:10:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 12:59:07 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Dropbox
[2014.04.10 14:42:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DropboxMaster
[2013.11.09 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab
[2017.01.23 12:15:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab9
[2013.10.24 17:33:42 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GHISLER
[2014.11.05 15:01:21 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICL
[2013.10.23 23:08:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICQ
[2016.02.25 16:51:35 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\IsolatedStorage
[2014.02.05 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Leawo
[2014.05.15 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\library_dir
[2014.06.03 14:23:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\mkvtoolnix
[2017.05.31 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MPC-HC
[2016.06.17 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MyHeritage
[2015.05.09 14:50:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Notepad++
[2014.06.22 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PgcEdit
[2015.08.11 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Polda 6
[2016.03.22 21:54:00 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PowerISO
[2017.01.06 22:54:01 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Seznam.cz
[2016.08.11 19:34:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\TeamViewer
[2014.06.22 18:41:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)
[2013.11.27 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Unity
[2017.05.31 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\uTorrent
[2014.06.22 19:19:02 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\VitySoft
[2013.10.24 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Wargaming.net
[2016.06.05 20:35:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WoJ Emulator Extreme Edition
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,600 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2017.05.31 15:41:41 | 000,000,458 | ---- | C] () -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | C] () -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,656 | ---- | C] () -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2016.08.29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe
[2016.08.29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016.08.29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe
[2016.08.29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2017.04.04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\SysNative\drivers\tcpip.sys
[2017.04.04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23761_none_11947868964edb1a\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2016.07.07 17:36:20 | 001,896,168 | ---- | M] (Microsoft Corporation) MD5=B2875D7ABB82867DC3AA03D991940201 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_117904649662b62b\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\52e747d87d6c1d84b4bd4ef8f01685e0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\52e747d87d6c1d84b4bd4ef8f01685e0\*.tmp -> ]
[32 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[32 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2017.02.09 15:25:15 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\19624
[2013.10.23 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ACD Systems
[2013.11.08 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Acronis
[2014.02.04 22:53:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Adobe
[2015.08.11 13:56:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AMD
[2016.01.16 14:09:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AnvSoft
[2015.06.28 17:32:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Apple Computer
[2013.10.24 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Ashampoo
[2013.10.23 20:17:47 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ATI
[2017.05.31 17:22:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Audacity
[2013.10.23 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AVAST Software
[2014.03.09 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\avidemux
[2017.05.14 16:10:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
[2014.06.20 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DivX
[2014.04.11 12:59:07 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Dropbox
[2014.04.10 14:42:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DropboxMaster
[2013.11.09 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab
[2017.01.23 12:15:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab9
[2013.10.24 17:33:42 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GHISLER
[2016.10.06 15:10:49 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GRETECH
[2014.11.05 15:01:21 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICL
[2013.10.23 23:08:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICQ
[2013.10.23 20:02:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Identities
[2016.02.25 16:51:35 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\IsolatedStorage
[2014.02.05 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Leawo
[2014.05.15 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\library_dir
[2013.10.23 20:37:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Media Center Programs
[2017.05.18 21:49:28 | 000,000,000 | --SD | M] -- C:\Users\23102013\AppData\Roaming\Microsoft
[2014.06.03 14:23:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\mkvtoolnix
[2017.05.11 13:31:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Mozilla
[2017.05.31 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MPC-HC
[2016.06.17 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MyHeritage
[2015.05.09 14:50:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Notepad++
[2014.06.22 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PgcEdit
[2015.08.11 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Polda 6
[2016.03.22 21:54:00 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PowerISO
[2017.01.06 22:54:01 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Seznam.cz
[2017.01.27 20:29:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Skype
[2016.04.09 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Sun
[2016.08.11 19:34:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\TeamViewer
[2014.06.22 18:41:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)
[2013.11.27 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Unity
[2017.05.31 19:46:36 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\uTorrent
[2014.06.22 19:19:02 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\VitySoft
[2017.04.30 23:13:05 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\vlc
[2013.10.24 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Wargaming.net
[2013.10.23 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WinRAR
[2016.06.05 20:35:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WoJ Emulator Extreme Edition
< %APPDATA%\*.exe /s >
[2017.01.29 22:13:12 | 000,983,040 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\DonDomnix.exe
[2017.01.29 22:13:12 | 000,983,040 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Unifinlam.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2017.03.21 15:28:28 | 001,950,176 | ---- | M] (Gretech Corporation) -- C:\Users\23102013\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2016.07.10 12:22:52 | 000,029,184 | R--- | M] () -- C:\Users\23102013\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2016.08.10 19:52:41 | 000,010,134 | R--- | M] () -- C:\Users\23102013\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2017.02.03 17:20:14 | 000,158,000 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\FlashGot.exe
[2017.05.23 18:29:06 | 003,452,408 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\FlashPlayerPlugin_25_0_0_171.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2016.11.01 10:51:18 | 000,091,136 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2011.04.22 05:02:57 | 007,161,856 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe
[2014.04.14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2017.05.31 15:41:41 | 000,000,656 | ---- | M] () -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | M] () -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | M] () -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2017.05.31 19:36:40 | 000,065,440 | ---- | M] () -- C:\Windows\system32\Gms.log
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe -- [2017.04.30 09:52:15 | 000,601,168 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe" -- [2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.)
"AMDDVR" = "C:\Program Files\AMD\CNext\CNext\amddvr.exe" -- [2017.05.17 16:20:18 | 001,384,328 | ---- | M] (Advanced Micro Devices, Inc.)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2017.04.11 01:57:44 | 009,532,120 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.05.27 17:49:03 | 000,517,064 | ---- | M] (Mozilla Corporation) MD5=9710FABEF9AD37A3AA966AF53BCBDD1A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2017.04.20 01:16:51 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=4020CE0DE0CC206F9BC241E5634A02DA -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017.05.09 11:12:58 | 001,143,640 | ---- | M] (Google Inc.) MD5=0FFC55BD7C6A0BC17072D2EC7D9FB341 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.05.31 19:33:18 | 000,000,512 | ---- | M] () MD5=E8B7B272FB238ECDD001E9378A7623EC -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.07.17 17:44:21 | 000,005,369 | ---- | M] () -- \FreeRapid-0.9\plugins\crackle.frp
[2017.02.07 15:19:50 | 000,016,642 | ---- | M] () -- \ProgramData\AVAST Software\Avast\pam\icons\cracked_com.png
[2017.02.11 12:13:23 | 000,000,808 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Converter Professional + crack\Any Video Converter Professional + crack.lnk
[2014.06.01 09:32:23 | 000,005,592 | ---- | M] () -- \Users\23102013\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2012.09.17 15:23:44 | 000,017,512 | ---- | M] () -- \Users\23102013\Documents\Xilisoft Corporation\HD Video Converter\crack.js
[2017.02.07 15:19:50 | 000,016,642 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\pam\icons\cracked_com.png
[2017.02.11 12:13:23 | 000,000,808 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Any Video Converter Professional + crack\Any Video Converter Professional + crack.lnk
< *keygen* /s >
< *loader* /s >
[2013.12.06 08:34:22 | 000,016,910 | ---- | M] () -- \Program Files (x86)\Avidemux 2.6\libADM_coreImageLoader6.dll
[2013.03.14 19:43:18 | 000,024,576 | ---- | M] () -- \Program Files (x86)\Common Files\Acronis\TrueImageHome\tnd_loader.bin
[2014.09.03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016.09.24 11:54:24 | 000,009,632 | ---- | M] () -- \Program Files (x86)\HiSuite\skin\hisuite\com.tencent.android.qqdownloader.png
[2011.05.25 15:43:46 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.25 15:43:46 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.25 15:43:45 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.27 16:15:18 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.25 15:43:57 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2013.10.23 23:08:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2017.05.05 01:49:18 | 000,018,624 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.16 00:13:10 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2012.12.03 16:54:38 | 000,134,456 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderATA.xss
[2012.12.03 16:54:38 | 000,112,520 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderSCSI.xss
[2012.11.29 11:34:00 | 000,117,352 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderUSB.xss
[2017.04.11 18:16:37 | 000,221,112 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2017.04.11 18:16:37 | 000,276,224 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2017.05.09 20:32:20 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\amd64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.09 20:32:21 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.22 12:36:26 | 001,408,361 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\resources\bundled_extensions\video-downloader.crx
[2017.05.17 13:02:18 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.607\resources\bundled_extensions\video-downloader.crx
[2017.05.17 13:02:18 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2014.09.03 01:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016.12.02 00:01:12 | 004,395,008 | ---- | M] () -- \Program Files\VDownloader\VDownloader4.exe
[2016.04.20 16:00:32 | 000,370,070 | ---- | M] () -- \Program Files\VDownloader\VDownloader4.ico
[2016.12.02 00:01:02 | 000,706,560 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.Controls.dll
[2016.12.02 00:01:10 | 000,802,816 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.dll
[2016.12.02 00:00:58 | 000,161,280 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUtility.exe
[2016.06.28 19:17:02 | 000,202,830 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\Scottish English male\VDownloader.wav
[2016.06.28 19:17:16 | 000,202,830 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\Scottish male\VDownloader.wav
[2016.06.28 19:17:28 | 000,156,716 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\UK English female\VDownloader.wav
[2016.06.28 19:17:04 | 000,156,716 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\UK English woman\VDownloader.wav
[2016.06.28 19:17:10 | 000,117,582 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US British male\VDownloader.wav
[2016.06.28 19:17:24 | 000,126,908 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US English male (James)\VDownloader.wav
[2016.06.28 19:17:20 | 000,112,984 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US English male\VDownloader.wav
[2016.08.15 00:16:14 | 000,102,288 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2016.01.26 13:41:00 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.271_0\skin\ajax-loader.gif
[2016.02.25 15:22:04 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.305_0\skin\ajax-loader.gif
[2016.01.27 18:09:18 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.114_0\icons\loader.gif
[2016.03.29 10:48:52 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.155_0\icons\loader.gif
[2016.06.10 09:26:26 | 000,003,601 | ---- | M] () -- \ProgramData\GRETECH\GomAudio\skins\basic\MB\MB_BG_DOWNLOADER.png
[2016.06.10 09:26:26 | 000,001,770 | ---- | M] () -- \ProgramData\GRETECH\GomAudio\skins\basic\MB\MB_TITLE_DOWNLOADER.BMP
[2017.02.11 12:13:32 | 000,001,754 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2017.04.13 08:35:24 | 000,003,605 | ---- | M] () -- \Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\icons\loader.gif
[2017.04.13 08:35:24 | 000,003,208 | ---- | M] () -- \Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\skin\ajax-loader.gif
[2015.02.22 20:49:29 | 000,002,608 | ---- | M] () -- \Users\23102013\AppData\Local\Microsoft\Windows Sidebar\Gadgets\pocasi-slunecno.gadget\loader.gif
[2017.02.11 12:11:40 | 000,001,760 | ---- | M] () -- \Users\23102013\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\bin\19018libfoxloader-x64.dll
[2016.11.01 10:51:18 | 000,091,136 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2015.05.30 09:58:53 | 000,000,165 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2016.01.26 13:41:00 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.271_0\skin\ajax-loader.gif
[2016.02.25 15:22:04 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.305_0\skin\ajax-loader.gif
[2016.01.27 18:09:18 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.114_0\icons\loader.gif
[2016.03.29 10:48:52 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.155_0\icons\loader.gif
[2016.06.10 09:26:26 | 000,003,601 | ---- | M] () -- \Users\All Users\GRETECH\GomAudio\skins\basic\MB\MB_BG_DOWNLOADER.png
[2016.06.10 09:26:26 | 000,001,770 | ---- | M] () -- \Users\All Users\GRETECH\GomAudio\skins\basic\MB\MB_TITLE_DOWNLOADER.BMP
[2017.02.11 12:13:32 | 000,001,754 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.03.09 09:52:18 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:52:18 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2017.04.28 02:32:32 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[32 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2017.04.28 02:32:32 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[32 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2016.10.16 09:48:36 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:06:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:00:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 01:52:00 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_68c747cf927b424f\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 08:12:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_68c320af927f0d5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:05:03 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_694dbbdeab9bc956\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 23:52:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_693eeacaaba77feb\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 08:17:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_694fc03eab99f652\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 20:44:07 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_6907deb0abd0ec97\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:50:10 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_6908defaabd005ee\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.09.02 17:30:45 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23539_none_6950c454ab9909f7\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.28 03:09:58 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23796_none_690ce7baabcc5fe6\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.10 13:27:27 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf.manifest
[2017.05.10 13:27:27 | 000,033,000 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf_winload.efi.mui_35ee487d
[2017.05.10 13:27:27 | 000,034,536 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf_winload.exe.mui_3bc5b827
[2017.05.10 13:27:27 | 000,029,928 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf_winresume.efi.mui_f412814e
[2017.05.10 13:27:27 | 000,030,440 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf_winresume.exe.mui_ff8b5358
[2017.05.10 13:27:27 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2.manifest
[2017.05.10 13:27:27 | 000,706,792 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2_winload.efi_75834aa0
[2017.05.10 13:27:27 | 000,633,296 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2_winload.exe_75835076
[2017.05.10 13:27:27 | 000,631,176 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2_winresume.efi_85cd069f
[2017.05.10 13:27:27 | 000,546,656 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2_winresume.exe_85cd1215
[2009.07.14 04:57:50 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2009.07.14 04:57:50 | 000,019,008 | ---- | M] () -- \Windows\winsxs\Backup\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59_spldr.sys_98bd87a0
[2015.05.13 22:36:12 | 000,000,616 | ---- | M] () -- \Windows\winsxs\FileMaps\programdata_microsoft_diagnosis_asimovuploader_0413bca0c3dfdda4.cdf-ms
[2009.07.14 17:15:51 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7600.16385_cs-cz_8f37605116ba80bc.manifest
[2015.01.16 08:36:46 | 000,004,141 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.22923_cs-cz_91e62f982ccfb7d0.manifest
[2015.04.27 22:33:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23040_cs-cz_91cd67042ce2d6ef.manifest
[2015.05.25 22:04:06 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23072_cs-cz_91aef7d42cf95d70.manifest
[2015.07.15 07:49:58 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23126_cs-cz_91e90a7e2ccd343e.manifest
[2015.07.15 22:47:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23136_cs-cz_91de3a922cd5502f.manifest
[2015.07.23 05:58:18 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23142_cs-cz_91cf697e2ce106c4.manifest
[2016.01.22 10:02:23 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23338_cs-cz_91e03ef22cd37d2b.manifest
[2016.03.16 23:01:39 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23391_cs-cz_91985d642d0a7370.manifest
[2016.03.18 02:10:31 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23392_cs-cz_91995dae2d098cc7.manifest
[2016.09.02 18:34:19 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23539_cs-cz_91e143082cd290d0.manifest
[2017.04.28 03:52:05 | 000,004,431 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..os-loader.resources_31bf3856ad364e35_6.1.7601.23796_cs-cz_919d666e2d05e6bf.manifest
[2010.11.20 07:12:44 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17514_none_b94cbfa183466a89.manifest
[2011.02.05 19:34:23 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.17556_none_b923808583650cfb.manifest
[2011.02.05 15:09:57 | 000,005,745 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.21655_none_b9ac1d069c83936e.manifest
[2015.01.16 08:37:02 | 000,005,511 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.22923_none_b9ca7b209c6d1e03.manifest
[2015.04.27 21:40:54 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23040_none_b9b1b28c9c803d22.manifest
[2015.05.25 20:45:47 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23072_none_b993435c9c96c3a3.manifest
[2015.07.15 05:48:43 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23126_none_b9cd56069c6a9a71.manifest
[2015.07.15 20:39:45 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23136_none_b9c2861a9c72b662.manifest
[2015.07.23 03:47:39 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23142_none_b9b3b5069c7e6cf7.manifest
[2016.01.22 08:51:12 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23338_none_b9c48a7a9c70e35e.manifest
[2016.03.16 21:24:30 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23391_none_b97ca8ec9ca7d9a3.manifest
[2016.03.18 01:29:22 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23392_none_b97da9369ca6f2fa.manifest
[2016.09.02 17:55:50 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_b9c58e909c6ff703.manifest
[2017.04.28 03:35:56 | 000,005,744 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23796_none_b981b1f69ca34cf2.manifest
[2009.07.14 04:18:27 | 000,002,896 | ---- | M] () -- \Windows\winsxs\Manifests\amd64_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_c72819e06acceb59.manifest
[2016.10.16 09:48:36 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009.07.14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:45:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:59:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_0ca8aa65da1dd3f2\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 19:55:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_0c883aa1da3627c5\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:47:54 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_0cad7a7bda1b1d1e\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:44:18 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_0ca2aa8fda23390f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.22 19:42:39 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_0ca8ac4bda1dd119\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 20:52:26 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_0d1e4cccf34bdee0\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:00:35 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_0cffdd9cf3626561\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 04:51:41 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_0d39f046f3363c2f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 19:40:57 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23136_none_0d2f205af33e5820\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 01:54:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23142_none_0d204f46f34a0eb5\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 07:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.16 20:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.03.18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.09.02 17:16:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23539_none_0d3228d0f33b98c1\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.04.28 02:32:32 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23796_none_0cee4c36f36eeeb0\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
[2017.05.31 19:38:48 | 000,093,399 | ---- | M] () -- C:\Windows\ZAM.krnl.trace
[2017.05.31 19:38:48 | 000,061,462 | ---- | M] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.05.31 19:33:18 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2017.05.31 19:30:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\23102013\Desktop\OTL.exe
[2017.05.31 17:44:09 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2017.05.31 17:42:23 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2017.05.31 17:42:23 | 000,023,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2017.05.31 17:40:29 | 001,593,302 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2017.05.31 17:40:29 | 000,672,158 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2017.05.31 17:40:29 | 000,657,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2017.05.31 17:40:29 | 000,142,754 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2017.05.31 17:40:29 | 000,123,008 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2017.05.31 17:34:44 | 000,082,720 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mwac.sys
[2017.05.31 17:34:36 | 000,111,544 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\farflt.sys
[2017.05.31 17:34:34 | 000,043,968 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\mbam.sys
[2017.05.31 17:34:31 | 000,251,832 | ---- | M] (Malwarebytes) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2017.05.31 17:34:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2017.05.31 17:34:20 | 4238,381,054 | -HS- | M] () -- C:\hiberfil.sys
[2017.05.31 17:33:46 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\spu_storage.bin
[2017.05.31 16:46:22 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2017.05.31 16:31:45 | 001,329,152 | ---- | M] () -- C:\Users\23102013\Desktop\RSITx64.exe
[2017.05.31 15:41:41 | 000,000,656 | ---- | M] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | M] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.31 15:35:16 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.05.31 15:33:05 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017.05.29 20:24:18 | 000,000,060 | ---- | M] () -- C:\ProgramData\SoftwareUpdateTemp.xml
[2017.05.29 09:19:38 | 004,110,280 | ---- | M] () -- C:\Users\23102013\Desktop\adwcleaner_6.047.exe
[2017.05.17 22:23:22 | 000,207,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2017.05.17 22:23:22 | 000,161,344 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2017.05.17 22:23:18 | 007,663,888 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2017.05.17 22:23:14 | 009,446,336 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2017.05.17 22:23:12 | 000,185,088 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2017.05.17 22:23:12 | 000,143,864 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2017.05.17 22:22:54 | 000,522,632 | ---- | M] () -- C:\Windows\SysNative\GameManager64.dll
[2017.05.17 22:22:52 | 000,543,112 | ---- | M] () -- C:\Windows\SysNative\dgtrayicon.exe
[2017.05.17 22:22:52 | 000,356,744 | ---- | M] () -- C:\Windows\SysWow64\GameManager32.dll
[2017.05.17 22:22:50 | 000,020,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\detoured.dll
[2017.05.17 22:22:48 | 000,020,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\detoured.dll
[2017.05.17 22:22:44 | 000,544,136 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2017.05.17 22:22:42 | 012,228,352 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2017.05.17 22:22:42 | 000,114,056 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2017.05.17 22:22:40 | 000,520,584 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2017.05.17 22:22:38 | 000,194,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2017.05.17 22:22:38 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2017.05.17 22:22:36 | 010,172,456 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2017.05.17 22:22:36 | 000,236,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2017.05.17 22:22:34 | 001,651,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2017.05.17 22:22:34 | 000,155,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2017.05.17 22:22:32 | 001,344,832 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2017.05.17 22:22:32 | 000,768,392 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2017.05.17 22:22:32 | 000,543,112 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2017.05.17 22:22:30 | 000,475,016 | ---- | M] () -- C:\Windows\SysNative\atieah64.exe
[2017.05.17 22:22:28 | 000,325,512 | ---- | M] () -- C:\Windows\SysWow64\atieah32.exe
[2017.05.17 22:22:26 | 000,458,632 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atidemgy.dll
[2017.05.17 22:22:22 | 000,078,728 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2017.05.17 22:22:22 | 000,036,232 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\RapidFireServer64.dll
[2017.05.17 22:22:20 | 000,068,488 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2017.05.17 22:22:20 | 000,033,672 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\RapidFireServer.dll
[2017.05.17 22:22:18 | 000,537,992 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\Rapidfire64.dll
[2017.05.17 22:22:18 | 000,469,384 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\Rapidfire.dll
[2017.05.17 22:22:16 | 000,161,160 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantleaxl64.dll
[2017.05.17 22:22:14 | 015,728,008 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2017.05.17 22:22:14 | 000,126,344 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantleaxl32.dll
[2017.05.17 22:22:12 | 000,182,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\mantle64.dll
[2017.05.17 22:22:12 | 000,142,216 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\mantle32.dll
[2017.05.17 22:22:10 | 000,349,064 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2017.05.17 22:22:08 | 014,318,984 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2017.05.17 22:22:08 | 000,067,464 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2017.05.17 22:22:06 | 000,072,072 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2017.05.17 22:22:06 | 000,065,416 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2017.05.17 22:22:04 | 013,254,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2017.05.17 22:22:02 | 000,060,296 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2017.05.17 22:22:00 | 000,402,312 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2017.05.17 22:21:58 | 014,414,072 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2017.05.17 22:21:58 | 001,032,072 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxx.dll
[2017.05.17 22:21:56 | 001,507,720 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2017.05.17 22:21:56 | 000,121,240 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2017.05.17 22:21:56 | 000,092,840 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2017.05.17 22:21:52 | 000,185,600 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdhcp64.dll
[2017.05.17 22:21:52 | 000,154,152 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdhcp32.dll
[2017.05.17 22:21:48 | 000,128,968 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdave64.dll
[2017.05.17 22:21:46 | 000,106,248 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdave32.dll
[2017.05.17 22:21:44 | 009,899,912 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmantle64.dll
[2017.05.17 22:21:44 | 000,269,704 | ---- | M] () -- C:\Windows\SysNative\clinfo.exe
[2017.05.17 22:21:44 | 000,112,520 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2017.05.17 22:21:42 | 000,103,304 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2017.05.17 22:21:40 | 007,955,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmantle32.dll
[2017.05.17 22:21:38 | 000,915,848 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst_17.10.dll
[2017.05.17 22:21:38 | 000,855,432 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdlvr64.dll
[2017.05.17 22:21:38 | 000,505,736 | ---- | M] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2017.05.17 22:21:38 | 000,351,624 | ---- | M] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2017.05.17 22:21:36 | 000,687,496 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdlvr32.dll
[2017.05.17 22:21:36 | 000,305,544 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdacpksd.sys
[2017.05.17 22:21:32 | 059,236,744 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2017.05.17 22:21:32 | 000,159,112 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atisamu64.dll
[2017.05.17 22:21:32 | 000,124,808 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atisamu32.dll
[2017.05.17 22:21:26 | 028,797,832 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl12cl64.dll
[2017.05.17 22:21:22 | 022,739,336 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl12cl.dll
[2017.05.17 22:21:20 | 036,551,048 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2017.05.17 22:21:18 | 046,456,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\amdocl.dll
[2017.05.17 22:21:16 | 002,527,624 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amfrt64.dll
[2017.05.17 22:21:14 | 002,189,704 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amfrt32.dll
[2017.05.17 22:21:10 | 010,313,608 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdvlk64.dll
[2017.05.17 22:21:06 | 008,470,920 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdvlk32.dll
[2017.05.17 22:21:02 | 000,166,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amduve64.dll
[2017.05.17 22:21:00 | 000,135,560 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amduve32.dll
[2017.05.17 22:20:56 | 026,827,656 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2017.05.17 22:20:56 | 000,066,952 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmmcl6.dll
[2017.05.17 22:20:54 | 000,082,824 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdmcl64.dll
[2017.05.17 22:20:54 | 000,054,664 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmmcl.dll
[2017.05.17 22:20:52 | 000,066,440 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdmcl32.dll
[2017.05.17 22:20:42 | 032,733,576 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2017.05.17 21:50:06 | 003,437,632 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2017.05.17 21:45:28 | 003,471,376 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2017.05.17 21:34:12 | 000,794,880 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2017.05.17 21:34:12 | 000,794,880 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2017.05.17 16:20:22 | 000,149,896 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\amdihk64.dll
[2017.05.17 16:20:22 | 000,127,880 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\amdihk32.dll
[2017.05.17 15:40:42 | 002,428,928 | ---- | M] () -- C:\Windows\SysNative\amdacpusl.pdb
[2017.05.17 15:37:22 | 000,364,544 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysNative\amdacpusl.dll
[2017.05.17 15:37:22 | 000,306,176 | ---- | M] () -- C:\Windows\SysNative\amdacpusl.pdb.pub
[2017.05.17 15:37:18 | 000,248,832 | ---- | M] (Advanced Micro Devices) -- C:\Windows\SysWow64\amdacpusl.dll
[2017.05.17 11:23:58 | 001,057,264 | ---- | M] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2017.05.17 11:23:58 | 000,131,568 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2017.05.17 11:23:58 | 000,127,512 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2017.05.16 13:38:08 | 000,002,194 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2017.05.12 20:32:42 | 000,158,880 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2017.05.11 13:31:00 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017.05.10 15:06:22 | 000,436,720 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2017.05.10 13:48:02 | 001,568,016 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2017.05.09 20:32:23 | 000,569,192 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2017.05.09 20:32:23 | 000,400,456 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2017.05.09 20:32:23 | 000,339,696 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
[2017.05.09 20:32:23 | 000,128,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2017.05.09 20:32:23 | 000,101,152 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2017.05.09 20:32:23 | 000,075,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2017.05.09 20:32:23 | 000,038,296 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
[2017.05.09 20:32:18 | 001,007,160 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2017.05.09 20:32:18 | 000,032,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2017.05.09 20:32:17 | 000,334,576 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbloga.sys
[2017.05.09 20:32:17 | 000,311,808 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys
[2017.05.09 20:32:17 | 000,190,256 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbidsha.sys
[2017.05.09 20:32:17 | 000,049,016 | ---- | M] (AVAST Software s.r.o.) -- C:\Windows\SysNative\drivers\aswbuniva.sys
[2017.05.09 19:25:14 | 000,803,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2017.05.09 19:25:14 | 000,144,888 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2017.05.07 12:24:04 | 000,005,632 | ---- | M] () -- C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2017.05.02 14:19:59 | 000,000,727 | ---- | M] () -- C:\Users\23102013\Desktop\Aslains WoT Logs Archiver.lnk
[76 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[32 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
========== Files Created - No Company Name ==========
[2017.05.31 16:31:44 | 001,329,152 | ---- | C] () -- C:\Users\23102013\Desktop\RSITx64.exe
[2017.05.31 15:41:41 | 000,000,656 | ---- | C] () -- C:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | C] () -- C:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | C] () -- C:\Windows\tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.29 09:19:37 | 004,110,280 | ---- | C] () -- C:\Users\23102013\Desktop\adwcleaner_6.047.exe
[2017.05.17 22:22:54 | 000,522,632 | ---- | C] () -- C:\Windows\SysNative\GameManager64.dll
[2017.05.17 22:22:52 | 000,543,112 | ---- | C] () -- C:\Windows\SysNative\dgtrayicon.exe
[2017.05.17 22:22:52 | 000,356,744 | ---- | C] () -- C:\Windows\SysWow64\GameManager32.dll
[2017.05.17 22:22:30 | 000,475,016 | ---- | C] () -- C:\Windows\SysNative\atieah64.exe
[2017.05.17 22:22:28 | 000,325,512 | ---- | C] () -- C:\Windows\SysWow64\atieah32.exe
[2017.05.17 22:21:44 | 000,269,704 | ---- | C] () -- C:\Windows\SysNative\clinfo.exe
[2017.05.17 22:21:38 | 000,505,736 | ---- | C] () -- C:\Windows\SysNative\amdgfxinfo64.dll
[2017.05.17 22:21:38 | 000,351,624 | ---- | C] () -- C:\Windows\SysWow64\amdgfxinfo32.dll
[2017.05.17 21:50:06 | 003,437,632 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2017.05.17 21:45:28 | 003,471,376 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2017.05.17 21:34:12 | 000,794,880 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2017.05.17 21:34:12 | 000,794,880 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2017.05.17 15:40:42 | 002,428,928 | ---- | C] () -- C:\Windows\SysNative\amdacpusl.pdb
[2017.05.17 15:37:22 | 000,306,176 | ---- | C] () -- C:\Windows\SysNative\amdacpusl.pdb.pub
[2017.05.14 15:52:07 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2017.05.11 13:31:00 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2017.05.11 13:31:00 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2017.05.10 15:05:40 | 000,092,931 | ---- | C] () -- C:\Windows\ZAM.krnl.trace
[2017.05.10 15:05:40 | 000,060,970 | ---- | C] () -- C:\Windows\ZAM_Guard.krnl.trace
[2017.05.01 12:52:12 | 000,000,060 | ---- | C] () -- C:\ProgramData\SoftwareUpdateTemp.xml
[2017.03.18 10:28:53 | 000,005,632 | ---- | C] () -- C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2017.01.29 22:13:38 | 001,938,534 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\U-KIX.del
[2017.01.29 22:13:28 | 000,983,040 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\DonDomnix.exe
[2017.01.29 22:13:22 | 000,983,040 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\Unifinlam.exe
[2017.01.28 00:05:24 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-39-1.exe
[2017.01.28 00:04:54 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-39-1.dll
[2017.01.07 20:39:03 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2017.01.07 20:26:02 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2016.12.16 02:33:50 | 000,273,696 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-37-0.dll
[2016.12.16 02:33:18 | 000,111,392 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-37-0.exe
[2016.11.24 02:14:26 | 000,233,352 | ---- | C] () -- C:\Windows\SysWow64\hsa-thunk.dll
[2016.06.23 20:22:00 | 000,264,992 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-17-0.dll
[2016.06.23 20:21:24 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-17-0.exe
[2016.06.17 14:26:04 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2016.04.23 09:35:37 | 000,326,656 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1.dll
[2016.04.23 09:35:37 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo.exe
[2016.03.01 12:44:17 | 000,217,088 | ---- | C] () -- C:\Windows\UninstallW.exe
[2015.01.29 16:02:35 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.02.06 15:40:43 | 000,006,210 | ---- | C] () -- C:\Users\23102013\UserCustomPreset_Audition.exe.vpr
[2014.02.05 11:30:18 | 000,007,176 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\pcouffin.cat
[2014.02.05 11:30:18 | 000,001,167 | ---- | C] () -- C:\Users\23102013\AppData\Roaming\pcouffin.inf
[2013.11.30 18:39:35 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2013.10.25 22:41:31 | 000,007,597 | ---- | C] () -- C:\Users\23102013\AppData\Local\resmon.resmoncfg
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2016.08.29 17:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016.08.29 17:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2017.02.09 15:25:15 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\19624
[2013.10.23 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ACD Systems
[2013.11.08 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Acronis
[2015.08.11 13:56:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AMD
[2016.01.16 14:09:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AnvSoft
[2013.10.24 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Ashampoo
[2017.05.31 17:22:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Audacity
[2013.10.23 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AVAST Software
[2014.03.09 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\avidemux
[2017.05.14 16:10:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
[2014.04.11 12:59:07 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Dropbox
[2014.04.10 14:42:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DropboxMaster
[2013.11.09 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab
[2017.01.23 12:15:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab9
[2013.10.24 17:33:42 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GHISLER
[2014.11.05 15:01:21 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICL
[2013.10.23 23:08:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICQ
[2016.02.25 16:51:35 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\IsolatedStorage
[2014.02.05 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Leawo
[2014.05.15 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\library_dir
[2014.06.03 14:23:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\mkvtoolnix
[2017.05.31 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MPC-HC
[2016.06.17 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MyHeritage
[2015.05.09 14:50:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Notepad++
[2014.06.22 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PgcEdit
[2015.08.11 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Polda 6
[2016.03.22 21:54:00 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PowerISO
[2017.01.06 22:54:01 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Seznam.cz
[2016.08.11 19:34:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\TeamViewer
[2014.06.22 18:41:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)
[2013.11.27 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Unity
[2017.05.31 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\uTorrent
[2014.06.22 19:19:02 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\VitySoft
[2013.10.24 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Wargaming.net
[2016.06.05 20:35:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WoJ Emulator Extreme Edition
========== Purity Check ==========
========== Custom Scans ==========
< >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,600 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2017.05.31 15:41:41 | 000,000,458 | ---- | C] () -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | C] () -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,656 | ---- | C] () -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
< >
< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\SysNative\autochk.exe
[2010.11.20 15:24:26 | 000,777,728 | ---- | M] (Microsoft Corporation) MD5=3B536A8BEC3B4F23FFDFD78B11A2AB93 -- C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\SysWOW64\autochk.exe
[2010.11.20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_e3fb573520033bfa\autochk.exe
< MD5 for: CDROM.SYS >
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\drivers\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_neutral_0b3d0d1942ab684b\cdrom.sys
[2010.11.20 11:19:21 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=F036CE71586E93D94DAB220D7BDF4416 -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7601.17514_none_bdcf6151ba66f48b\cdrom.sys
< MD5 for: EXPLORER.EXE >
[2016.08.29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\explorer.exe
[2016.08.29 17:04:37 | 003,229,696 | ---- | M] (Microsoft Corporation) MD5=38AE1B3C38FAEF56FE4907922F0385BA -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_b0517adca98752cc\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2016.08.29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\SysWOW64\explorer.exe
[2016.08.29 16:55:07 | 002,972,672 | ---- | M] (Microsoft Corporation) MD5=6DDCA324434FFA506CF7DC4E51DB7935 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.23537_none_baa6252edde814c7\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: HAL.DLL >
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\SysNative\hal.dll
[2010.11.20 15:33:34 | 000,263,040 | ---- | M] (Microsoft Corporation) MD5=CFB8C673F9188F99466E76C6972191E0 -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7601.17514_none_094ef8137049c196\hal.dll
< MD5 for: SCECLI.DLL >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
< MD5 for: SERVICES.EXE >
[2009.07.14 03:39:37 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=24ACB7E5BE595468E3B9AA488B9B4FCB -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2015.04.11 06:31:36 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=43DCEC23557C32F7702C8D5BC729738F -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.23033_none_2df8898bfd178df8\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\SysNative\services.exe
[2015.04.13 05:28:33 | 000,328,704 | ---- | M] (Microsoft Corporation) MD5=71C85477DF9347FE8E7BC55768473FCA -- C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7601.18829_none_2d7fe646e3ec3705\services.exe
< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\SysNative\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
< MD5 for: TCPIP.SYS >
[2017.04.04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\SysNative\drivers\tcpip.sys
[2017.04.04 17:34:38 | 001,895,656 | ---- | M] (Microsoft Corporation) MD5=351A21ED3971ADD558956FF3EB0F6FED -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23761_none_11947868964edb1a\tcpip.sys
[2012.10.03 19:56:54 | 001,914,248 | ---- | M] (Microsoft Corporation) MD5=37608401DFDB388CAF66917F6B2D6FB0 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17964_none_110e0fbd7d2e4b88\tcpip.sys
[2010.11.20 15:33:57 | 001,924,480 | ---- | M] (Microsoft Corporation) MD5=509383E505C973ED7534A06B3D19688D -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[2016.07.07 17:36:20 | 001,896,168 | ---- | M] (Microsoft Corporation) MD5=B2875D7ABB82867DC3AA03D991940201 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.23496_none_117904649662b62b\tcpip.sys
[2012.10.03 19:44:29 | 001,902,472 | ---- | M] (Microsoft Corporation) MD5=D5707FC2300AA5B04B7BFE86D40C0133 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.22124_none_11c2c45a962baed0\tcpip.sys
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\SysNative\winlogon.exe
[2014.07.17 04:07:24 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=8CEBD9D0A0A879CDE9F36F4383B7CAEA -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18540_none_cdc47ed1ebad0e4e\winlogon.exe
[2014.07.16 05:23:23 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=98AA0BFEE089C7E5DADB94190D93456C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22750_none_ce434d9704d2c730\winlogon.exe
< >
< %systemroot%*.* /U /s >
[8 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[9 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[21 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\52e747d87d6c1d84b4bd4ef8f01685e0\*.tmp files -> C:\Windows\SoftwareDistribution\Download\52e747d87d6c1d84b4bd4ef8f01685e0\*.tmp -> ]
[32 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[32 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
[3 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2017.02.09 15:25:15 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\19624
[2013.10.23 21:25:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ACD Systems
[2013.11.08 16:00:30 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Acronis
[2014.02.04 22:53:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Adobe
[2015.08.11 13:56:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AMD
[2016.01.16 14:09:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AnvSoft
[2015.06.28 17:32:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Apple Computer
[2013.10.24 17:44:24 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Ashampoo
[2013.10.23 20:17:47 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ATI
[2017.05.31 17:22:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Audacity
[2013.10.23 20:34:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\AVAST Software
[2014.03.09 16:10:34 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\avidemux
[2017.05.14 16:10:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DAEMON Tools Lite
[2014.06.20 19:38:22 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DivX
[2014.04.11 12:59:07 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Dropbox
[2014.04.10 14:42:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DropboxMaster
[2013.11.09 20:02:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab
[2017.01.23 12:15:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\DVDFab9
[2013.10.24 17:33:42 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GHISLER
[2016.10.06 15:10:49 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\GRETECH
[2014.11.05 15:01:21 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICL
[2013.10.23 23:08:45 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\ICQ
[2013.10.23 20:02:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Identities
[2016.02.25 16:51:35 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\IsolatedStorage
[2014.02.05 12:10:39 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Leawo
[2014.05.15 18:23:28 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\library_dir
[2013.10.23 20:37:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Macromedia
[2009.07.14 17:36:38 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Media Center Programs
[2017.05.18 21:49:28 | 000,000,000 | --SD | M] -- C:\Users\23102013\AppData\Roaming\Microsoft
[2014.06.03 14:23:56 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\mkvtoolnix
[2017.05.11 13:31:11 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Mozilla
[2017.05.31 17:53:27 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MPC-HC
[2016.06.17 14:36:03 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\MyHeritage
[2015.05.09 14:50:58 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Notepad++
[2014.06.22 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PgcEdit
[2015.08.11 14:04:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Polda 6
[2016.03.22 21:54:00 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\PowerISO
[2017.01.06 22:54:01 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Seznam.cz
[2017.01.27 20:29:54 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Skype
[2016.04.09 13:05:37 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Sun
[2016.08.11 19:34:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\TeamViewer
[2014.06.22 18:41:43 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)
[2013.11.27 19:35:25 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Unity
[2017.05.31 19:46:36 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\uTorrent
[2014.06.22 19:19:02 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\VitySoft
[2017.04.30 23:13:05 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\vlc
[2013.10.24 20:47:23 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\Wargaming.net
[2013.10.23 20:48:57 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WinRAR
[2016.06.05 20:35:31 | 000,000,000 | ---D | M] -- C:\Users\23102013\AppData\Roaming\WoJ Emulator Extreme Edition
< %APPDATA%\*.exe /s >
[2017.01.29 22:13:12 | 000,983,040 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\DonDomnix.exe
[2017.01.29 22:13:12 | 000,983,040 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Unifinlam.exe
[2014.03.19 14:17:02 | 032,667,896 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2014.03.19 14:18:14 | 000,244,648 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
[2014.03.19 14:17:06 | 000,143,616 | ---- | M] (Dropbox, Inc.) -- C:\Users\23102013\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2017.03.21 15:28:28 | 001,950,176 | ---- | M] (Gretech Corporation) -- C:\Users\23102013\AppData\Roaming\GRETECH\GomPlayer\GrLauncher.exe
[2016.07.10 12:22:52 | 000,029,184 | R--- | M] () -- C:\Users\23102013\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
[2016.08.10 19:52:41 | 000,010,134 | R--- | M] () -- C:\Users\23102013\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2017.02.03 17:20:14 | 000,158,000 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\FlashGot.exe
[2017.05.23 18:29:06 | 003,452,408 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\23102013\AppData\Roaming\Mozilla\Firefox\Profiles\ihlbtflt.default\extensions\playflash@xpi\plugins\FlashPlayerPlugin_25_0_0_171.exe
[2013.05.16 15:26:24 | 002,589,256 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\sznsetup.exe
[2013.04.16 12:52:34 | 000,055,808 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\bin\ffkill.exe
[2016.11.01 10:51:18 | 000,091,136 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2011.04.22 05:02:57 | 007,161,856 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\Uninstaller Tool(Comodo Forums)\Uninstaller.exe
[2014.04.14 01:00:00 | 000,042,496 | ---- | M] () -- C:\Users\23102013\AppData\Roaming\uTorrent\uninstall.exe
[2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.) -- C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job >
[2017.05.31 15:41:41 | 000,000,656 | ---- | M] () -- C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,628 | ---- | M] () -- C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2017.05.31 15:41:41 | 000,000,458 | ---- | M] () -- C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\*.dll /lockedfiles >
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[2017.05.31 19:36:40 | 000,065,440 | ---- | M] () -- C:\Windows\system32\Gms.log
[32 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2010.11.20 15:25:17 | 001,475,584 | ---- | M] (Microsoft Corporation)
"Google Update" = C:\Users\23102013\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe -- [2017.04.30 09:52:15 | 000,601,168 | ---- | M] (Google Inc.)
"uTorrent" = "C:\Users\23102013\AppData\Roaming\uTorrent\utorrent.exe" -- [2014.04.14 01:00:00 | 000,398,760 | ---- | M] (BitTorrent, Inc.)
"AMDDVR" = "C:\Program Files\AMD\CNext\CNext\amddvr.exe" -- [2017.05.17 16:20:18 | 001,384,328 | ---- | M] (Advanced Micro Devices, Inc.)
"CCleaner Monitoring" = "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR -- [2017.04.11 01:57:44 | 009,532,120 | ---- | M] (Piriform Ltd)
< >
< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2017.05.27 17:49:03 | 000,517,064 | ---- | M] (Mozilla Corporation) MD5=9710FABEF9AD37A3AA966AF53BCBDD1A -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2017.04.20 01:16:51 | 000,815,312 | ---- | M] (Microsoft Corporation) MD5=4020CE0DE0CC206F9BC241E5634A02DA -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
< %PROGRAMFILES%\Opera\opera.exe /md5 >
< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2017.05.09 11:12:58 | 001,143,640 | ---- | M] (Google Inc.) MD5=0FFC55BD7C6A0BC17072D2EC7D9FB341 -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
< >
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2017.05.31 19:33:18 | 000,000,512 | ---- | M] () MD5=E8B7B272FB238ECDD001E9378A7623EC -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2012.07.17 17:44:21 | 000,005,369 | ---- | M] () -- \FreeRapid-0.9\plugins\crackle.frp
[2017.02.07 15:19:50 | 000,016,642 | ---- | M] () -- \ProgramData\AVAST Software\Avast\pam\icons\cracked_com.png
[2017.02.11 12:13:23 | 000,000,808 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Converter Professional + crack\Any Video Converter Professional + crack.lnk
[2014.06.01 09:32:23 | 000,005,592 | ---- | M] () -- \Users\23102013\AppData\Roaming\VitySoft\FRD\plugins\crackle.frp
[2012.09.17 15:23:44 | 000,017,512 | ---- | M] () -- \Users\23102013\Documents\Xilisoft Corporation\HD Video Converter\crack.js
[2017.02.07 15:19:50 | 000,016,642 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\pam\icons\cracked_com.png
[2017.02.11 12:13:23 | 000,000,808 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\Any Video Converter Professional + crack\Any Video Converter Professional + crack.lnk
< *keygen* /s >
< *loader* /s >
[2013.12.06 08:34:22 | 000,016,910 | ---- | M] () -- \Program Files (x86)\Avidemux 2.6\libADM_coreImageLoader6.dll
[2013.03.14 19:43:18 | 000,024,576 | ---- | M] () -- \Program Files (x86)\Common Files\Acronis\TrueImageHome\tnd_loader.bin
[2014.09.03 01:27:24 | 000,268,432 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files (x86)\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016.09.24 11:54:24 | 000,009,632 | ---- | M] () -- \Program Files (x86)\HiSuite\skin\hisuite\com.tencent.android.qqdownloader.png
[2011.05.25 15:43:46 | 000,005,795 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2011.05.25 15:43:46 | 000,004,180 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2011.05.25 15:43:45 | 000,005,520 | ---- | M] () -- \Program Files (x86)\ICQ7.5\imApp\theme\MUICoreLib\xtraLoader.swf
[2011.07.27 16:15:18 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\icq_profile\preloader.html
[2011.05.25 15:43:57 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_forms\preloader.html
[2013.10.23 23:08:39 | 000,000,402 | ---- | M] () -- \Program Files (x86)\ICQ7.5\Xtraz\icq\content\profile_lightboxs\preloader.html
[2017.05.05 01:49:18 | 000,018,624 | ---- | M] () -- \Program Files (x86)\Mozilla Firefox\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.16 00:13:10 | 000,008,787 | ---- | M] () -- \Program Files (x86)\Notepad++\user.manual\sites\all\modules\fancy_login\images\ajax-loader.gif
[2012.12.03 16:54:38 | 000,134,456 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderATA.xss
[2012.12.03 16:54:38 | 000,112,520 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderSCSI.xss
[2012.11.29 11:34:00 | 000,117,352 | ---- | M] () -- \Program Files (x86)\Seagate\SeaTools for Windows\LoaderUSB.xss
[2017.04.11 18:16:37 | 000,221,112 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader32.exe
[2017.04.11 18:16:37 | 000,276,224 | ---- | M] () -- \Program Files\AVAST Software\Avast\aswWrcIELoader64.exe
[2017.05.09 20:32:20 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\amd64\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.05.09 20:32:21 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2017.03.22 12:36:26 | 001,408,361 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\resources\bundled_extensions\video-downloader.crx
[2017.05.17 13:02:18 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\3.55.2393.607\resources\bundled_extensions\video-downloader.crx
[2017.05.17 13:02:18 | 001,407,764 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2014.09.03 01:27:24 | 000,364,176 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
[2014.09.03 01:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016.12.02 00:01:12 | 004,395,008 | ---- | M] () -- \Program Files\VDownloader\VDownloader4.exe
[2016.04.20 16:00:32 | 000,370,070 | ---- | M] () -- \Program Files\VDownloader\VDownloader4.ico
[2016.12.02 00:01:02 | 000,706,560 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.Controls.dll
[2016.12.02 00:01:10 | 000,802,816 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUI.dll
[2016.12.02 00:00:58 | 000,161,280 | ---- | M] () -- \Program Files\VDownloader\VDownloaderUtility.exe
[2016.06.28 19:17:02 | 000,202,830 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\Scottish English male\VDownloader.wav
[2016.06.28 19:17:16 | 000,202,830 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\Scottish male\VDownloader.wav
[2016.06.28 19:17:28 | 000,156,716 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\UK English female\VDownloader.wav
[2016.06.28 19:17:04 | 000,156,716 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\UK English woman\VDownloader.wav
[2016.06.28 19:17:10 | 000,117,582 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US British male\VDownloader.wav
[2016.06.28 19:17:24 | 000,126,908 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US English male (James)\VDownloader.wav
[2016.06.28 19:17:20 | 000,112,984 | ---- | M] () -- \Program Files\VDownloader\Audio\Notifications\US English male\VDownloader.wav
[2016.08.15 00:16:14 | 000,102,288 | ---- | M] () -- \Program Files\WinRAR\Ace32Loader.exe
[2016.01.26 13:41:00 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.271_0\skin\ajax-loader.gif
[2016.02.25 15:22:04 | 000,003,208 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.305_0\skin\ajax-loader.gif
[2016.01.27 18:09:18 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.114_0\icons\loader.gif
[2016.03.29 10:48:52 | 000,003,737 | ---- | M] () -- \ProgramData\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.155_0\icons\loader.gif
[2016.06.10 09:26:26 | 000,003,601 | ---- | M] () -- \ProgramData\GRETECH\GomAudio\skins\basic\MB\MB_BG_DOWNLOADER.png
[2016.06.10 09:26:26 | 000,001,770 | ---- | M] () -- \ProgramData\GRETECH\GomAudio\skins\basic\MB\MB_TITLE_DOWNLOADER.BMP
[2017.02.11 12:13:32 | 000,001,754 | ---- | M] () -- \ProgramData\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2017.04.13 08:35:24 | 000,003,605 | ---- | M] () -- \Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\icons\loader.gif
[2017.04.13 08:35:24 | 000,003,208 | ---- | M] () -- \Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.10.0_0\skin\ajax-loader.gif
[2015.02.22 20:49:29 | 000,002,608 | ---- | M] () -- \Users\23102013\AppData\Local\Microsoft\Windows Sidebar\Gadgets\pocasi-slunecno.gadget\loader.gif
[2017.02.11 12:11:40 | 000,001,760 | ---- | M] () -- \Users\23102013\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk
[2015.05.26 13:35:36 | 000,079,872 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\bin\19018libfoxloader-x64.dll
[2016.11.01 10:51:18 | 000,091,136 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\bin\x64loader.exe
[2015.05.30 09:58:53 | 000,000,165 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\conf\szndesktop.d\libfoxloader.conf
[2015.01.06 16:17:14 | 000,000,665 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.install.bat
[2015.01.06 16:17:14 | 000,000,117 | ---- | M] () -- \Users\23102013\AppData\Roaming\Seznam.cz\uninstall\cz_seznam_software_libfoxloader_3_2_5.uninstall.bat
[2016.01.26 13:41:00 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.271_0\skin\ajax-loader.gif
[2016.02.25 15:22:04 | 000,003,208 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\blgbpiedcngldakfgncemilphjcmnmio\1.8.12.305_0\skin\ajax-loader.gif
[2016.01.27 18:09:18 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.114_0\icons\loader.gif
[2016.03.29 10:48:52 | 000,003,737 | ---- | M] () -- \Users\All Users\AVAST Software\SZBrowser\profile\23102013\Extensions\lhnnoklckomcfdlknmjaenoodlpfdclc\0.3.25.155_0\icons\loader.gif
[2016.06.10 09:26:26 | 000,003,601 | ---- | M] () -- \Users\All Users\GRETECH\GomAudio\skins\basic\MB\MB_BG_DOWNLOADER.png
[2016.06.10 09:26:26 | 000,001,770 | ---- | M] () -- \Users\All Users\GRETECH\GomAudio\skins\basic\MB\MB_TITLE_DOWNLOADER.BMP
[2017.02.11 12:13:32 | 000,001,754 | ---- | M] () -- \Users\All Users\Microsoft\Windows\Start Menu\Programs\VDownloader\VDownloader.lnk
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2013.03.09 09:52:18 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,018,264 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:52:18 | 000,364,168 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:35:48 | 000,370,512 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8
[2010.03.24 21:12:34 | 000,249,680 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2010.10.07 05:36:40 | 000,265,552 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
[2013.03.09 09:17:04 | 000,019,080 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2013.03.09 09:17:04 | 000,268,440 | R--- | M] () -- \Windows\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VSTOLoader_dll_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
[2017.04.28 02:32:32 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[32 \Windows\System32\*.tmp files -> \Windows\System32\*.tmp -> ]
[2017.04.28 02:32:32 | 000,003,584 | -H-- | M] () -- \Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\SysWOW64\dmloader.dll
[32 \Windows\SysWOW64\*.tmp files -> \Windows\SysWOW64\*.tmp -> ]
[2016.10.16 09:48:36 | 000,019,136 | ---- | M] () -- \Windows\winsxs\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_56aba0211ca246c2\api-ms-win-core-libraryloader-l1-1-0.dll
[2009.07.14 03:40:31 | 000,047,616 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_a1e90d98a953d601\dmloader.dll
[2009.07.14 03:24:53 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_66a6e19d9580f9e3\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:38:44 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_68d8d569926ebeb2\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_68d20a7192733a4d\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:16:37 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18839_none_68c745e9927b4528\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:11:40 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18869_none_68a6d625929398fb\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:06:41 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18923_none_68cc15ff92788e54\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 20:00:47 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18933_none_68c146139280aa45\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.23 01:52:00 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18939_none_68c747cf927b424f\api-ms-win-core-libraryloader-l1-1-0.dll
[2016.01.22 08:12:24 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_68c320af927f0d5c\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.11.30 07:39:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_69239340abbb38d0\api-ms-win-core-libraryloader-l1-1-0.dll
[2014.04.12 04:28:21 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_69353b6eabae8d55\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.04.27 21:10:58 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23040_none_693ce850aba95016\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.05.25 20:14:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23072_none_691e7920abbfd697\api-ms-win-core-libraryloader-l1-1-0.dll
[2015.07.15 05:11:33 | 000,003,584 | ---- | M] () -- \Windows\winsxs\amd64_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23126_none_69588bcaab93ad65\api-ms-win-core-libraryloader-l1-1-0.dll
< End of report >
- Rudy
- Site Admin

- Posts: 119669
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: PC is making a sound
Run OTL again as administrator.
Paste the following text into the bottom window:
Click Opravit (Fix) and let the program work. When asked about a restart, agree.
:OTL
DRV:64bit: - [2017.01.06 22:51:37 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zam64.sys -- (ZAM)
DRV:64bit: - [2017.01.06 22:51:36 | 000,203,680 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\zamguard64.sys -- (ZAM_Guard)
IE - HKU\S-1-5-21-1735690316-1509034662-2468839372-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
FF - user.js - File not found
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell - "" = AutoRun
O33 - MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\Shell\AutoRun\command - "" = H:\HiSuiteDownLoader.exe
:files
C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
After the restart a new log will appear; post it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: PC is making a sound
All processes killed
========== OTL ==========
Service ZAM stopped successfully!
Service ZAM deleted successfully!
C:\Windows\SysNative\drivers\zam64.sys moved successfully.
Service ZAM_Guard stopped successfully!
Service ZAM_Guard deleted successfully!
C:\Windows\SysNative\drivers\zamguard64.sys moved successfully.
Registry key HKEY_USERS\S-1-5-21-1735690316-1509034662-2468839372-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{502c059d-5f21-11e6-ad28-d43d7ee2d94f}\ not found.
File H:\HiSuiteDownLoader.exe not found.
========== FILES ==========
C:\Users\23102013\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\system32\SET1562.tmp moved successfully.
C:\Windows\system32\SET1DE2.tmp moved successfully.
C:\Windows\system32\SET1E73.tmp moved successfully.
C:\Windows\system32\SET2471.tmp moved successfully.
C:\Windows\system32\SET2BDD.tmp moved successfully.
C:\Windows\system32\SET4B2F.tmp moved successfully.
C:\Windows\system32\SET4BBE.tmp moved successfully.
C:\Windows\system32\SET501A.tmp moved successfully.
C:\Windows\system32\SET52A3.tmp moved successfully.
C:\Windows\system32\SET586C.tmp moved successfully.
C:\Windows\system32\SET5B43.tmp moved successfully.
C:\Windows\system32\SET5DCC.tmp moved successfully.
C:\Windows\system32\SET6275.tmp moved successfully.
C:\Windows\system32\SET6296.tmp moved successfully.
C:\Windows\system32\SET6451.tmp moved successfully.
C:\Windows\system32\SET6C1A.tmp moved successfully.
C:\Windows\system32\SET7691.tmp moved successfully.
C:\Windows\system32\SET7A42.tmp moved successfully.
C:\Windows\system32\SET822F.tmp moved successfully.
C:\Windows\system32\SET9084.tmp moved successfully.
C:\Windows\system32\SET9170.tmp moved successfully.
C:\Windows\system32\SET93E9.tmp moved successfully.
C:\Windows\system32\SET967A.tmp moved successfully.
C:\Windows\system32\SET9B62.tmp moved successfully.
C:\Windows\system32\SETA272.tmp moved successfully.
C:\Windows\system32\SETA284.tmp moved successfully.
C:\Windows\system32\SETAA0.tmp moved successfully.
C:\Windows\system32\SETD28.tmp moved successfully.
C:\Windows\system32\SETE122.tmp moved successfully.
C:\Windows\system32\SETE3CA.tmp moved successfully.
C:\Windows\system32\SETED3B.tmp moved successfully.
C:\Windows\system32\SETF63D.tmp moved successfully.
File/Folder C:\Windows\*.tmp not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: 23102013
->Temp folder emptied: 7278634 bytes
->Temporary Internet Files folder emptied: 2896064 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 368138057 bytes
->Google Chrome cache emptied: 148283967 bytes
->Flash cache emptied: 523 bytes
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Public
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 472190520 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10410045 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 305574 bytes
Total Files Cleaned = 963,00 mb
[EMPTYFLASH]
User: 23102013
->Flash cache emptied: 0 bytes
User: All Users
User: Default
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0,00 mb
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
OTL by OldTimer - Version 3.2.69.0 log created on 05312017_204821
Files\Folders moved on Reboot...
File\Folder C:\Users\23102013\AppData\Local\Temp\etilqs_CRCJTKsoqilvxZy not found!
File\Folder C:\Users\23102013\AppData\Local\Temp\etilqs_Oc8waFEQru5yD8y not found!
File\Folder C:\Users\23102013\AppData\Local\Temp\etilqs_uZOQfjg9jpvrLg5 not found!
C:\Users\23102013\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\23102013\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 moved successfully.
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 moved successfully.
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 moved successfully.
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 moved successfully.
C:\Users\23102013\AppData\Local\Google\Chrome\User Data\Default\Cache\index moved successfully.
File move failed. C:\Windows\temp\_avast_\AvLock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170531163606.log scheduled to be moved on reboot.
File move failed. C:\Windows\temp\SafeZone Installer\safezone_installer_20170531163608.log scheduled to be moved on reboot.
File\Folder C:\Windows\temp\hsperfdata_23102013-PC$\3312 not found!
C:\Windows\temp\jna4745487216613502034.dll moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
- Rudy
- Site Admin

Re: PC is making a sound
OK. Has anything changed?
Re: PC is making a sound
It isn't making any sound, but that had already stopped when I turned off the sound for Firefox in the volume controller. I'd probably leave it for now and see what happens tomorrow. Thank you very much for the help so far.
- Rudy
- Site Admin

Re: PC is making a sound
OK. You're welcome, for now!
Re: PC is making a sound
It hasn't made the sound again so far. So hopefully it will be OK. Thank you for the help; you can lock the thread.
- Rudy
- Site Admin

Re: PC is making a sound
Glad to help!
