Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Kontrola logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Kontrola logu

#1 Příspěvek od ViVek »

Dobrý den, mám problém se spomalením počítače a taky mi nejdou kopírovat soubory a složky. Při kopírování vyskočí hláška, že průzkumník přestal pracovat. Po chvíli se průzkumník restartuje, ale nic se nezmění.

Log FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2017
Ran by ViVek (administrator) on VIVEK-PC (30-07-2017 13:19:26)
Running from C:\Users\ViVek\Desktop
Loaded Profiles: ViVek (Available Profiles: ViVek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\ViVek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-29] (AVAST Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2012-12-21] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-08] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [] => [X]
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [SpeedItupFree] => "C:\Program Files (x86)\SpeedItup Free\speeditupfree.exe"
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810cb-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810d8-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} - G:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e193a-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e1944-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e198b-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d7ff08c7-4e96-11e2-8edf-88ae1d169922} - F:\PMCsetup.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EB40FA6-59F5-4B7A-BAAB-DD5903311DE8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5551g&r=27361012p205l0494z105v46n27266
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5551g&r=27361012p205l0494z105v46n27266
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_enCZ507
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_enCZ507
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=855028F8-EFD2-4EA3-925A-49BF271158B7&apn_sauid=63ACC27E-5C07-4CC6-983C-92D68A100DD6
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-29] (AVAST Software)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-29] (AVAST Software)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => No File
Toolbar: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\ViVek\AppData\Roaming\Philips-Songbird\Profiles\uy8zjklp.default [2015-03-11]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2012-12-26] [not signed]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Czech (cs) Language Pack) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2012-12-26] [not signed]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2012-12-26] [not signed]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2012-12-26] [not signed]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2012-12-26] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2012-12-26] [not signed]
FF ProfilePath: C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default [2017-07-30]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\t0zaij75.default -> Ask.com
FF Homepage: Mozilla\Firefox\Profiles\t0zaij75.default -> google.com
FF Extension: (Avira Browser Safety) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\abs@avira.com.xpi [2017-07-29]
FF Extension: (Avast SafePrice) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\sp@avast.com.xpi [2017-07-29]
FF Extension: (Avast Online Security) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\wrc@avast.com.xpi [2017-07-29]
FF Extension: (Adblock Plus) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-29]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-21] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2013-09-05] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-29] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-21] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default [2017-07-29]
CHR Extension: (Google Slides) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-29]
CHR Extension: (Google Docs) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-29]
CHR Extension: (Google Drive) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-29]
CHR Extension: (YouTube) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-29]
CHR Extension: (Google Sheets) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-29]
CHR Extension: (Avira Browser Safety) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-29]
CHR Extension: (Google Docs Offline) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-29]
CHR Extension: (RealDownloader) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2017-07-29]
CHR Extension: (Skype) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-29]
CHR Extension: (Gmail) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-29] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-07-29] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-07-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-07-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146696 2017-07-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-07-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-29] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-02-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-30] (DT Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-02-25] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-30 13:19 - 2017-07-30 13:20 - 00024442 _____ C:\Users\ViVek\Desktop\FRST.txt
2017-07-30 13:17 - 2017-07-30 13:17 - 00112640 _____ (forum.viry.cz) C:\Users\ViVek\Desktop\FRSTLauncher.exe
2017-07-30 11:53 - 2017-07-30 11:53 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-07-30 11:21 - 2017-07-30 13:19 - 00000000 ____D C:\FRST
2017-07-30 11:19 - 2017-07-30 11:19 - 02381312 _____ (Farbar) C:\Users\ViVek\Desktop\FRST64.exe
2017-07-29 17:50 - 2017-07-29 17:50 - 06753408 _____ (ESET spol. s r.o.) C:\Users\ViVek\Downloads\esetonlinescanner_csy.exe
2017-07-29 16:52 - 2017-07-29 16:52 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-29 16:52 - 2017-07-29 16:52 - 00001926 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\AVAST Software
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\Users\ViVek\AppData\Local\CEF
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-07-29 16:51 - 2017-07-29 16:52 - 00146696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-29 16:51 - 2017-07-29 16:51 - 00361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 01015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-07-29 16:49 - 2017-07-29 16:49 - 00000000 ____D C:\Program Files\AVAST Software
2017-07-29 16:48 - 2017-07-29 19:51 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-29 16:47 - 2017-07-29 16:47 - 06948656 _____ (AVAST Software) C:\Users\ViVek\Downloads\avast_free_antivirus_setup_online_a1g.exe
2017-07-29 16:01 - 2017-07-29 16:07 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Real
2017-07-29 16:01 - 2017-07-29 16:07 - 00000000 ____D C:\ProgramData\Real
2017-07-29 15:53 - 2017-07-29 15:53 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2017-07-29 15:53 - 2017-07-29 15:53 - 00000000 ____D C:\UpdateChromeLinksLogs
2017-07-29 10:49 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-29 10:49 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-29 10:49 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-29 10:49 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-29 10:49 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-29 10:49 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-29 10:49 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-29 10:49 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-29 10:49 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-29 10:49 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-29 10:49 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-29 10:49 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-29 10:49 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-29 10:49 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-29 10:49 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-29 10:49 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-29 10:49 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-29 10:49 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-29 10:49 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-07-29 10:49 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-29 10:49 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-07-29 10:49 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-07-29 10:48 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-29 10:48 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-29 10:48 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-29 10:48 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-29 10:48 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-29 10:48 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-29 10:48 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-29 10:48 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-29 10:48 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-29 10:48 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-29 10:48 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-29 10:48 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-29 10:48 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-29 10:48 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-29 10:48 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-29 10:48 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-29 10:48 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-29 10:48 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-29 10:48 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-29 10:48 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-29 10:48 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-29 10:48 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-29 10:48 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-29 10:48 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-29 10:48 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-29 10:48 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-29 10:48 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-29 10:48 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-29 10:48 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-29 10:48 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-29 10:48 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-29 10:48 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-29 10:48 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-29 10:48 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-29 10:48 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-29 10:48 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-29 10:48 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-29 10:48 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-29 10:48 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-29 10:48 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-29 10:48 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-29 10:48 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-29 10:48 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-29 10:48 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-29 10:48 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-29 10:48 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-29 10:48 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-29 10:48 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-29 10:48 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-29 10:48 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-29 10:48 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-29 10:48 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-29 10:48 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-29 10:48 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-29 10:48 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-29 10:48 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-29 10:48 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-29 10:48 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-29 10:48 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-29 10:48 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-29 10:48 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-07-29 10:48 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-29 10:48 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-29 10:48 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-29 10:48 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-29 10:48 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-29 10:48 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-29 10:48 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-29 10:48 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-07-29 10:48 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-29 10:48 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-07-29 10:48 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-07-29 10:48 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-07-29 10:48 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-29 10:48 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-07-29 10:48 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-07-29 10:48 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-07-29 10:48 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-29 10:48 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-07-29 10:48 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-07-29 10:48 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-29 10:48 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-29 10:48 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-07-29 10:48 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-07-29 10:48 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-07-29 10:48 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-29 10:48 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-29 10:48 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-07-29 10:48 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-07-29 10:48 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-29 10:48 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-07-29 10:48 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-07-29 10:48 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-07-29 10:48 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-07-29 10:48 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-07-29 10:48 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-29 10:48 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-07-29 10:48 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-07-29 10:48 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-29 10:48 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-29 10:48 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-29 10:48 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-07-29 10:48 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-07-29 10:48 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-07-29 10:48 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-07-29 10:48 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-07-29 10:48 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-07-29 10:48 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-07-29 10:48 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-07-29 10:48 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-07-29 10:47 - 2017-07-06 06:56 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-07-29 10:47 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-29 10:47 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-29 10:47 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-29 10:47 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-29 10:47 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-29 10:47 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-29 10:47 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-29 10:47 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-29 10:47 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-29 10:47 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-29 10:47 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-29 10:47 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-29 10:47 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-29 10:47 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-29 10:47 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-29 10:47 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-29 10:47 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-29 10:47 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-29 10:47 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-29 10:47 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-29 10:47 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-29 10:47 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-29 10:47 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-07-29 10:47 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-07-29 10:47 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-07-29 10:47 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-07-29 10:47 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-07-29 10:47 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-07-29 10:47 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-07-29 10:47 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-07-29 10:47 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-07-29 10:47 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-07-29 10:47 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-07-29 10:47 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-07-29 10:47 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-07-29 10:47 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-07-29 10:47 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-07-29 10:47 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-07-29 10:47 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-07-29 10:47 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-07-29 10:47 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-07-29 10:47 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-07-29 10:47 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-07-29 10:47 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-07-29 10:47 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-07-29 10:47 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-07-29 10:47 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-07-29 10:47 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-07-29 10:47 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-07-29 10:47 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-07-29 10:47 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-07-29 10:47 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-07-29 10:39 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-29 10:39 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-29 10:39 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-30 13:16 - 2017-03-05 23:32 - 00000000 ____D C:\Users\ViVek\AppData\LocalLow\Mozilla
2017-07-30 12:59 - 2013-12-19 14:00 - 00000414 _____ C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2017-07-30 12:01 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-30 12:01 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-30 11:51 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-30 11:06 - 2013-10-21 15:48 - 00000000 ____D C:\Windows\Minidump
2017-07-30 10:36 - 2012-10-28 15:11 - 00000000 ____D C:\Vojta
2017-07-30 10:24 - 2009-07-14 06:45 - 00409408 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-30 10:19 - 2014-12-13 00:21 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-30 00:14 - 2013-07-28 03:01 - 00000000 ____D C:\Windows\system32\MRT
2017-07-30 00:02 - 2013-05-26 14:40 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-29 23:12 - 2013-02-10 19:59 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\uTorrent
2017-07-29 23:11 - 2013-12-12 14:52 - 00000000 ____D C:\Program Files (x86)\SpeedItup Free
2017-07-29 18:06 - 2013-06-12 23:43 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\vlc
2017-07-29 17:50 - 2012-10-28 20:22 - 00000000 ____D C:\Users\ViVek\AppData\Local\ESET
2017-07-29 17:02 - 2010-04-12 05:36 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-29 16:55 - 2012-10-28 15:13 - 00000000 ____D C:\Users\ViVek\AppData\Local\Google
2017-07-29 16:49 - 2013-05-01 20:46 - 00000000 ____D C:\ProgramData\Avira
2017-07-29 16:29 - 2013-10-03 09:29 - 00000292 _____ C:\Users\ViVek\Desktop\New Text Document.txt
2017-07-29 16:00 - 2017-03-05 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-29 16:00 - 2012-10-29 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-29 15:59 - 2014-07-27 15:28 - 00000000 ____D C:\Program Files (x86)\ATMA V
2017-07-29 15:59 - 2014-06-13 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-07-29 15:59 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-07-29 15:53 - 2013-05-01 20:52 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Avira
2017-07-29 15:51 - 2010-04-12 05:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-29 15:25 - 2014-07-27 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hero Editor
2017-07-29 14:41 - 2013-05-31 15:49 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\.minecraft
2017-07-29 14:35 - 2012-11-06 17:12 - 00000000 ____D C:\ProgramData\Skype
2017-07-29 14:32 - 2014-04-27 15:27 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-07-29 14:32 - 2014-04-27 15:26 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-29 14:31 - 2012-10-28 14:43 - 00109296 _____ C:\Users\ViVek\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-29 14:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-29 14:18 - 2015-12-06 15:29 - 00000747 _____ C:\Windows\wininit.ini
2017-07-29 14:18 - 2014-01-11 21:13 - 00000000 ____D C:\Users\ViVek\AppData\Local\Unity
2017-07-29 10:43 - 2015-01-06 15:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-07-29 09:43 - 2012-12-12 14:34 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-29 09:43 - 2012-10-29 20:15 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-29 09:43 - 2012-10-29 20:15 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 09:41 - 2012-10-29 20:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-29 09:41 - 2010-04-12 05:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-29 09:36 - 2013-06-05 14:18 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Ubisoft
2017-07-29 09:31 - 2017-04-29 18:29 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-492704335-1948801875-3094986961-1000
2017-07-29 09:31 - 2017-04-29 18:29 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-492704335-1948801875-3094986961-1000

==================== Files in the root of some directories =======

2010-04-12 05:17 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2013-12-12 14:53 - 2013-12-12 14:53 - 0000051 _____ () C:\ProgramData\spds90.txt

Some files in TEMP:
====================
2017-07-29 14:41 - 2013-10-01 16:48 - 0069254 _____ () C:\Users\ViVek\AppData\Local\Temp\Uninstall.exe
2008-03-27 01:59 - 2008-03-27 01:59 - 0459400 ____R (Macrovision Corporation) C:\Users\ViVek\AppData\Local\Temp\_isE3CA.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-29 12:49

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:582.07 GB) (Free:255.85 GB) NTFS

Available physical RAM: 2211.45 MB
Total physical RAM: 4090.9 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: BEC8B9D6)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [132]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ViVek\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#3 Příspěvek od ViVek »

Tady je log z AdwCleaner

# AdwCleaner 7.0.0.0 - Logfile created on Sun Jul 30 14:11:53 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\PC Optimizer Pro
Deleted: C:\ProgramData\Application Data\PC Optimizer Pro
Deleted: C:\Users\All Users\PC Optimizer Pro
Deleted: C:\Program Files (x86)\SpeedItup Free
Deleted: C:\ProgramData\Ask
Deleted: C:\ProgramData\Application Data\Ask
Deleted: C:\Users\All Users\Ask
Deleted: C:\ProgramData\Partner
Deleted: C:\ProgramData\Application Data\Partner
Deleted: C:\Users\All Users\Partner
Deleted: C:\Program Files (x86)\MyPC Backup


***** [ Files ] *****

Deleted: C:\Windows\SpeedItup Free Setup Log.txt


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\PC Optimizer Pro
Deleted: [Key] - HKCU\Software\PC Optimizer Pro
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sp.ask.com
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Deleted: [Key] - HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\APN PIP
Deleted: [Key] - HKCU\Software\APN PIP
Deleted: [Value] - HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser|{D4027C7F-154A-4066-A1AD-4243D8127440}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Deleted: [Value] - HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Windows\CurrentVersion\Run|SpeedItupFree
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|SpeedItupFree
Deleted: [Key] - HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKLM\SOFTWARE\systweak


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2988 B] - [2017/7/30 14:11:12]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#4 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#5 Příspěvek od ViVek »

Tady je.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2017
Ran by ViVek (administrator) on VIVEK-PC (30-07-2017 17:56:31)
Running from C:\Users\ViVek\Desktop
Loaded Profiles: ViVek (Available Profiles: ViVek)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\ViVek\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-02-01] (Egis Technology Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-01-13] ()
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860192 2010-02-05] (Acer Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-29] (AVAST Software)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-02-01] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-25] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-09] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1300560 2010-03-03] (Dritek System Inc.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2012-12-21] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Philips Device Listener] => C:\Program Files (x86)\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [380416 2012-02-08] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [] => [X]
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810cb-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810d8-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} - G:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e193a-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e1944-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e198b-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d7ff08c7-4e96-11e2-8edf-88ae1d169922} - F:\PMCsetup.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-10-28]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8EB40FA6-59F5-4B7A-BAAB-DD5903311DE8}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5551g&r=27361012p205l0494z105v46n27266
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=aspire_5551g&r=27361012p205l0494z105v46n27266
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_enCZ507
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_enCZ507
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=855028F8-EFD2-4EA3-925A-49BF271158B7&apn_sauid=63ACC27E-5C07-4CC6-983C-92D68A100DD6
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-07-29] (AVAST Software)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2012-11-29] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-07-29] (AVAST Software)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => No File
Toolbar: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\ViVek\AppData\Roaming\Philips-Songbird\Profiles\uy8zjklp.default [2015-03-11]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2012-12-26] [not signed]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Czech (cs) Language Pack) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-cs@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2012-12-26] [not signed]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2012-12-26] [not signed]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2012-12-26] [not signed]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2012-12-26] [not signed]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2012-12-26] [not signed]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2012-12-26] [not signed]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2012-12-26] [not signed]
FF ProfilePath: C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default [2017-07-30]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\t0zaij75.default -> Ask.com
FF Homepage: Mozilla\Firefox\Profiles\t0zaij75.default -> google.com
FF Extension: (Avira Browser Safety) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\abs@avira.com.xpi [2017-07-29]
FF Extension: (Avast SafePrice) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\sp@avast.com.xpi [2017-07-29]
FF Extension: (Avast Online Security) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\wrc@avast.com.xpi [2017-07-29]
FF Extension: (Adblock Plus) - C:\Users\ViVek\AppData\Roaming\Mozilla\Firefox\Profiles\t0zaij75.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-29]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012-12-21] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [te_7.0@nokia.com] - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0
FF Extension: (No Name) - C:\Program Files (x86)\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2013-09-05] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-29] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-11-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-12-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2012-11-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-12-21] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2012-11-29] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default [2017-07-30]
CHR Extension: (Google Slides) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-29]
CHR Extension: (Google Docs) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-29]
CHR Extension: (Google Drive) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-29]
CHR Extension: (YouTube) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-29]
CHR Extension: (Google Sheets) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-29]
CHR Extension: (Avira Browser Safety) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-29]
CHR Extension: (Google Docs Offline) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-29]
CHR Extension: (RealDownloader) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2017-07-29]
CHR Extension: (Skype) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-29]
CHR Extension: (Gmail) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\ViVek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-29]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-29] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-02-01] (Egis Technology Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-09] (NewTech Infosystems, Inc.) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-07-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-07-29] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-07-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-07-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-07-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146696 2017-07-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-07-29] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-07-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015848 2017-07-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-07-29] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-07-29] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-07-29] (AVAST Software)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-02-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-30] (DT Soft Ltd)
S3 GEARAspiWDM; C:\Windows\SysWOW64\Drivers\GEARAspiWDM.sys [15664 2011-07-15] (GEAR Software Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-02-25] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-30 17:55 - 2017-07-30 17:55 - 00112640 _____ (forum.viry.cz) C:\Users\ViVek\Desktop\FRSTLauncher.exe
2017-07-30 16:16 - 2017-07-30 16:16 - 00002809 _____ C:\Users\ViVek\Desktop\AdwCleaner[C0].txt
2017-07-30 16:08 - 2017-07-30 16:11 - 00000000 ____D C:\AdwCleaner
2017-07-30 15:41 - 2017-07-30 15:45 - 08162248 _____ (Malwarebytes) C:\Users\ViVek\Desktop\adwcleaner_7.0.0.0.exe
2017-07-30 13:19 - 2017-07-30 17:58 - 00024426 _____ C:\Users\ViVek\Desktop\FRST.txt
2017-07-30 11:21 - 2017-07-30 17:56 - 00000000 ____D C:\FRST
2017-07-30 11:19 - 2017-07-30 11:19 - 02381312 _____ (Farbar) C:\Users\ViVek\Desktop\FRST64.exe
2017-07-29 17:50 - 2017-07-29 17:50 - 06753408 _____ (ESET spol. s r.o.) C:\Users\ViVek\Downloads\esetonlinescanner_csy.exe
2017-07-29 16:52 - 2017-07-29 16:52 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-07-29 16:52 - 2017-07-29 16:52 - 00001926 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\AVAST Software
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\Users\ViVek\AppData\Local\CEF
2017-07-29 16:52 - 2017-07-29 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-07-29 16:51 - 2017-07-29 16:52 - 00146696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-07-29 16:51 - 2017-07-29 16:51 - 00361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-07-29 16:51 - 2017-07-29 16:51 - 00046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 01015848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-07-29 16:51 - 2017-07-29 16:50 - 00057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-07-29 16:49 - 2017-07-29 16:49 - 00000000 ____D C:\Program Files\AVAST Software
2017-07-29 16:48 - 2017-07-29 19:51 - 00000000 ____D C:\ProgramData\AVAST Software
2017-07-29 16:47 - 2017-07-29 16:47 - 06948656 _____ (AVAST Software) C:\Users\ViVek\Downloads\avast_free_antivirus_setup_online_a1g.exe
2017-07-29 16:01 - 2017-07-29 16:07 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Real
2017-07-29 16:01 - 2017-07-29 16:07 - 00000000 ____D C:\ProgramData\Real
2017-07-29 15:53 - 2017-07-29 15:53 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdiplus.dll
2017-07-29 15:53 - 2017-07-29 15:53 - 00000000 ____D C:\UpdateChromeLinksLogs
2017-07-29 10:49 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-29 10:49 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-29 10:49 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-29 10:49 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-29 10:49 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-29 10:49 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-29 10:49 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-29 10:49 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-29 10:49 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-29 10:49 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-29 10:49 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-29 10:49 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-29 10:49 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-29 10:49 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-29 10:49 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-29 10:49 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-29 10:49 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-29 10:49 - 2017-05-10 17:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-07-29 10:49 - 2017-05-10 17:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-07-29 10:49 - 2017-05-10 17:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-07-29 10:49 - 2017-05-10 17:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-07-29 10:49 - 2017-05-10 17:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:36 - 00011608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2017-07-29 10:49 - 2017-01-18 17:35 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2017-07-29 10:48 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-29 10:48 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-29 10:48 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-29 10:48 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-29 10:48 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-29 10:48 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-29 10:48 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-29 10:48 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-29 10:48 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-29 10:48 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-29 10:48 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-29 10:48 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-29 10:48 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-29 10:48 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-29 10:48 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-29 10:48 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-29 10:48 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-29 10:48 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-29 10:48 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-29 10:48 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-29 10:48 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-29 10:48 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-29 10:48 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-29 10:48 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-29 10:48 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-29 10:48 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-29 10:48 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-29 10:48 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-29 10:48 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-29 10:48 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-29 10:48 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-29 10:48 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-29 10:48 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-29 10:48 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-29 10:48 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-29 10:48 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-29 10:48 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-29 10:48 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-29 10:48 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-29 10:48 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-29 10:48 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-29 10:48 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-29 10:48 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-29 10:48 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-29 10:48 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-29 10:48 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-29 10:48 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-29 10:48 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-29 10:48 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-29 10:48 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-29 10:48 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-29 10:48 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-29 10:48 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-29 10:48 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-29 10:48 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-29 10:48 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-29 10:48 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-29 10:48 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-29 10:48 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-29 10:48 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-29 10:48 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-29 10:48 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-29 10:48 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-29 10:48 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-29 10:48 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-29 10:48 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-29 10:48 - 2017-06-02 10:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-07-29 10:48 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-29 10:48 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-29 10:48 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-29 10:48 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-29 10:48 - 2017-05-12 20:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-07-29 10:48 - 2017-05-12 20:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-07-29 10:48 - 2017-05-12 20:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-07-29 10:48 - 2017-05-12 20:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-07-29 10:48 - 2017-05-12 20:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-07-29 10:48 - 2017-05-12 20:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-07-29 10:48 - 2017-05-12 20:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-07-29 10:48 - 2017-05-12 20:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-07-29 10:48 - 2017-05-12 20:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-07-29 10:48 - 2017-05-12 20:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-07-29 10:48 - 2017-05-12 20:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-07-29 10:48 - 2017-05-12 19:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-07-29 10:48 - 2017-05-12 19:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-07-29 10:48 - 2017-05-12 18:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-07-29 10:48 - 2017-05-12 17:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-07-29 10:48 - 2017-05-12 17:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-07-29 10:48 - 2017-05-10 17:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-07-29 10:48 - 2017-05-10 17:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-07-29 10:48 - 2017-05-10 17:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-07-29 10:48 - 2017-05-10 17:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-07-29 10:48 - 2017-05-10 17:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-07-29 10:48 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-07-29 10:48 - 2017-05-10 17:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-07-29 10:48 - 2017-05-10 17:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-07-29 10:48 - 2017-05-10 17:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-07-29 10:48 - 2017-05-10 16:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-07-29 10:48 - 2017-05-09 17:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-07-29 10:48 - 2017-05-09 17:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-07-29 10:48 - 2017-05-09 17:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-07-29 10:48 - 2017-05-07 17:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-07-29 10:48 - 2017-04-28 00:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-07-29 10:48 - 2017-04-21 17:34 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2017-07-29 10:48 - 2017-04-21 17:15 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 00876544 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2017-07-29 10:48 - 2017-04-17 17:37 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-07-29 10:48 - 2017-04-17 17:12 - 01417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-07-29 10:48 - 2017-04-17 17:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2017-07-29 10:48 - 2017-04-12 17:32 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2017-07-29 10:48 - 2017-04-12 17:26 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2017-07-29 10:48 - 2017-04-12 17:25 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2017-07-29 10:48 - 2017-04-12 15:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-07-29 10:48 - 2017-04-05 16:55 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-07-29 10:48 - 2017-04-05 16:55 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-07-29 10:48 - 2017-04-05 16:55 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-07-29 10:48 - 2017-04-04 16:53 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2017-07-29 10:48 - 2017-03-10 18:32 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2017-07-29 10:48 - 2017-03-10 18:20 - 01508352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pla.dll
2017-07-29 10:48 - 2017-03-10 17:55 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2017-07-29 10:48 - 2017-03-10 17:55 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2017-07-29 10:48 - 2017-03-04 03:27 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-07-29 10:48 - 2017-03-04 03:14 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-07-29 10:48 - 2017-02-09 18:32 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-07-29 10:47 - 2017-07-06 06:56 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-07-29 10:47 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-29 10:47 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-29 10:47 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-29 10:47 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-29 10:47 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-29 10:47 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-29 10:47 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-29 10:47 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-29 10:47 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-29 10:47 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-29 10:47 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-29 10:47 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-29 10:47 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-29 10:47 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-29 10:47 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-29 10:47 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-29 10:47 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-29 10:47 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-29 10:47 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-29 10:47 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-29 10:47 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-29 10:47 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-29 10:47 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-29 10:47 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-29 10:47 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-29 10:47 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-29 10:47 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-29 10:47 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-29 10:47 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 20:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-07-29 10:47 - 2017-05-12 19:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-07-29 10:47 - 2017-05-12 19:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-07-29 10:47 - 2017-05-12 19:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-07-29 10:47 - 2017-05-12 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-07-29 10:47 - 2017-05-12 19:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-07-29 10:47 - 2017-05-12 19:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-07-29 10:47 - 2017-05-12 19:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-07-29 10:47 - 2017-05-12 19:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-07-29 10:47 - 2017-05-12 19:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-07-29 10:47 - 2017-05-12 19:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-07-29 10:47 - 2017-05-10 17:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-07-29 10:47 - 2017-05-10 17:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-07-29 10:47 - 2017-05-10 17:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-07-29 10:47 - 2017-05-10 17:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-07-29 10:47 - 2017-05-07 17:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-07-29 10:47 - 2017-04-17 17:37 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-07-29 10:47 - 2017-04-17 17:37 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-07-29 10:47 - 2017-04-17 17:12 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-07-29 10:47 - 2017-04-17 16:54 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-07-29 10:47 - 2017-03-30 17:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-07-29 10:47 - 2017-03-30 16:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
2017-07-29 10:47 - 2017-03-10 18:32 - 00300544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2017-07-29 10:47 - 2017-03-10 18:20 - 00237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdh.dll
2017-07-29 10:47 - 2017-03-10 17:57 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\plasrv.exe
2017-07-29 10:47 - 2017-03-07 18:30 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2017-07-29 10:47 - 2017-03-07 18:17 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2017-07-29 10:47 - 2017-03-04 03:27 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\mfmjpegdec.dll
2017-07-29 10:47 - 2017-03-04 03:14 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmjpegdec.dll
2017-07-29 10:47 - 2017-02-09 18:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2017-07-29 10:47 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2017-07-29 10:39 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-29 10:39 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-29 10:39 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-29 10:39 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-30 16:23 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-30 16:23 - 2009-07-14 06:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-30 16:16 - 2017-03-05 23:32 - 00000000 ____D C:\Users\ViVek\AppData\LocalLow\Mozilla
2017-07-30 16:13 - 2013-12-19 14:00 - 00000414 _____ C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2017-07-30 16:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-30 15:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-07-30 11:06 - 2013-10-21 15:48 - 00000000 ____D C:\Windows\Minidump
2017-07-30 10:36 - 2012-10-28 15:11 - 00000000 ____D C:\Vojta
2017-07-30 10:24 - 2009-07-14 06:45 - 00409408 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-30 10:19 - 2014-12-13 00:21 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-07-30 10:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-07-30 00:14 - 2013-07-28 03:01 - 00000000 ____D C:\Windows\system32\MRT
2017-07-30 00:02 - 2013-05-26 14:40 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-29 23:12 - 2013-02-10 19:59 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\uTorrent
2017-07-29 18:06 - 2013-06-12 23:43 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\vlc
2017-07-29 17:50 - 2012-10-28 20:22 - 00000000 ____D C:\Users\ViVek\AppData\Local\ESET
2017-07-29 17:02 - 2010-04-12 05:36 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-29 16:55 - 2012-10-28 15:13 - 00000000 ____D C:\Users\ViVek\AppData\Local\Google
2017-07-29 16:49 - 2013-05-01 20:46 - 00000000 ____D C:\ProgramData\Avira
2017-07-29 16:29 - 2013-10-03 09:29 - 00000292 _____ C:\Users\ViVek\Desktop\New Text Document.txt
2017-07-29 16:00 - 2017-03-05 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-29 16:00 - 2012-10-29 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-29 15:59 - 2014-07-27 15:28 - 00000000 ____D C:\Program Files (x86)\ATMA V
2017-07-29 15:59 - 2014-06-13 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-07-29 15:59 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-07-29 15:53 - 2013-05-01 20:52 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Avira
2017-07-29 15:51 - 2010-04-12 05:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-29 15:25 - 2014-07-27 15:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hero Editor
2017-07-29 14:41 - 2013-05-31 15:49 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\.minecraft
2017-07-29 14:35 - 2012-11-06 17:12 - 00000000 ____D C:\ProgramData\Skype
2017-07-29 14:32 - 2014-04-27 15:27 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-07-29 14:32 - 2014-04-27 15:26 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-29 14:31 - 2012-10-28 14:43 - 00109296 _____ C:\Users\ViVek\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-29 14:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-07-29 14:18 - 2015-12-06 15:29 - 00000747 _____ C:\Windows\wininit.ini
2017-07-29 14:18 - 2014-01-11 21:13 - 00000000 ____D C:\Users\ViVek\AppData\Local\Unity
2017-07-29 10:43 - 2015-01-06 15:40 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-07-29 09:43 - 2012-12-12 14:34 - 00004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-29 09:43 - 2012-10-29 20:15 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-07-29 09:43 - 2012-10-29 20:15 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 09:41 - 2012-10-29 20:15 - 00000000 ____D C:\Windows\system32\Macromed
2017-07-29 09:41 - 2010-04-12 05:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-07-29 09:36 - 2013-06-05 14:18 - 00000000 ____D C:\Users\ViVek\AppData\Roaming\Ubisoft
2017-07-29 09:31 - 2017-04-29 18:29 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-492704335-1948801875-3094986961-1000
2017-07-29 09:31 - 2017-04-29 18:29 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-492704335-1948801875-3094986961-1000

==================== Files in the root of some directories =======

2010-04-12 05:17 - 2010-01-27 16:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
2013-12-12 14:53 - 2013-12-12 14:53 - 0000051 _____ () C:\ProgramData\spds90.txt

Some files in TEMP:
====================
2017-07-29 14:41 - 2013-10-01 16:48 - 0069254 _____ () C:\Users\ViVek\AppData\Local\Temp\Uninstall.exe
2008-03-27 01:59 - 2008-03-27 01:59 - 0459400 ____R (Macrovision Corporation) C:\Users\ViVek\AppData\Local\Temp\_isE3CA.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-29 12:49

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:582.07 GB) (Free:256.41 GB) NTFS

Available physical RAM: 2292.38 MB
Total physical RAM: 4090.9 MB
Percentage of memory in use: 43%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: BEC8B9D6)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582.1 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [132]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]

==================== Security Center ==================

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\ViVek\Desktop" je 11 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [] => [X]
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810cb-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810d8-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} - G:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e193a-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e1944-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e198b-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d7ff08c7-4e96-11e2-8edf-88ae1d169922} - F:\PMCsetup.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=855028F8-EFD2-4EA3-925A-49BF271158B7&apn_sauid=63ACC27E-5C07-4CC6-983C-92D68A100DD6
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => No File
Toolbar: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
C:\Program Files (x86)\Google\Google Toolbar
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\t0zaij75.default -> Ask.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
C:\Users\ViVek\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [132]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#7 Příspěvek od ViVek »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-07-2017
Ran by ViVek (30-07-2017 18:41:24) Run:1
Running from C:\Users\ViVek\Desktop
Loaded Profiles: ViVek (Available Profiles: ViVek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\Run: [] => [X]
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810cb-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {4d6810d8-10a0-11e3-aa94-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} - G:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e193a-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e1944-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d20e198b-538d-11e3-89a2-88ae1d169922} - F:\Autorun.exe
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\...\MountPoints2: {d7ff08c7-4e96-11e2-8edf-88ae1d169922} - F:\PMCsetup.exe
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> {AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=855028F8-EFD2-4EA3-925A-49BF271158B7&apn_sauid=63ACC27E-5C07-4CC6-983C-92D68A100DD6
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll => No File
Toolbar: HKU\S-1-5-21-492704335-1948801875-3094986961-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
C:\Program Files (x86)\Google\Google Toolbar
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\t0zaij75.default -> Ask.com
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [X]
C:\Users\ViVek\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [132]
AlternateDataStreams: C:\ProgramData\Temp:93EB7685 [135]

EmptyTemp:
End
*****************

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => key removed successfully
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d6810cb-10a0-11e3-aa94-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{4d6810cb-10a0-11e3-aa94-88ae1d169922} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d6810d8-10a0-11e3-aa94-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{4d6810d8-10a0-11e3-aa94-88ae1d169922} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} => key removed successfully
HKLM\Software\Classes\CLSID\{6c4aef3b-dadd-11e3-9fdc-c446190a4fbd} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d20e193a-538d-11e3-89a2-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{d20e193a-538d-11e3-89a2-88ae1d169922} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d20e1944-538d-11e3-89a2-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{d20e1944-538d-11e3-89a2-88ae1d169922} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d20e198b-538d-11e3-89a2-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{d20e198b-538d-11e3-89a2-88ae1d169922} => key not found.
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d7ff08c7-4e96-11e2-8edf-88ae1d169922} => key removed successfully
HKLM\Software\Classes\CLSID\{d7ff08c7-4e96-11e2-8edf-88ae1d169922} => key not found.
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} => key removed successfully
HKLM\Software\Classes\CLSID\{AE7DE130-57C8-4DBF-BB8C-A66F3FBA0198} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} => key removed successfully
HKU\S-1-5-21-492704335-1948801875-3094986961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => key removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => key not found.
"C:\Program Files (x86)\Google\Google Toolbar" => not found.
Firefox SearchEngineOrder.1 removed successfully
HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com => value removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\System\CurrentControlSet\Services\McNASvc => key removed successfully
McNASvc => service removed successfully
HKLM\System\CurrentControlSet\Services\McProxy => key removed successfully
McProxy => service removed successfully

"C:\Users\ViVek\AppData\Local\Temp" folder move:

Could not move "C:\Users\ViVek\AppData\Local\Temp" => Scheduled to move on reboot.

C:\ProgramData\Temp => ":5D7E5A8F" ADS removed successfully.
C:\ProgramData\Temp => ":93EB7685" ADS removed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14491045 B
Java, Flash, Steam htmlcache => 26631039 B
Windows/system/drivers => 5116749888 B
Edge => 0 B
Chrome => 8190546 B
Firefox => 151156727 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 46501413 B
systemprofile32 => 525804 B
LocalService => 66228 B
NetworkService => 196912 B
ViVek => 136114650 B

RecycleBin => 155000 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 30-07-2017 18:45:41)

C:\Users\ViVek\AppData\Local\Temp => moved successfully

==== End of Fixlog 18:45:43 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#9 Příspěvek od ViVek »

Startuje rychleji než startoval, ale chyba s kopirováním přetrvává. Vyhazuje to tyto okna.
Přílohy
we.jpg
we.jpg (39.23 KiB) Zobrazeno 2750 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#10 Příspěvek od Rudy »

Zkusíme ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php . Dejte log, předem nic nemažte. Toto ale většinou bývá systémový problém.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#11 Příspěvek od ViVek »

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 7/30/17
Scan Time: 8:11 PM
Log File: res.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2469
License: Trial

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ViVek-PC\ViVek

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 333712
Threats Detected: 34
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 4 min, 38 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 24
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\spdfrmon.Gate, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\spdfrmon.Gate.1, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\TYPELIB\{A1011E88-B997-11CF-2222-0080C7B2D6BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\INTERFACE\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0142D788-C4FC-4ED8-2222-D654E27AF7F8}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1843388-EFC2-49C9-2222-FC0C403B0EBB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A1D87888-DEAA-4971-2222-5D5046F2B3BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A1011E88-B997-11CF-2222-0080C7B2D6BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A1011E88-B997-11CF-2222-0080C7B2D6BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A19F8F88-F91E-4E49-2222-BD21AB39D1BB}, No Action By User, [1130], [329424],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\SPDFRMON.EXE, No Action By User, [1130], [329818],1.0.2469
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{39AB884F-54F0-448A-A596-F2FD011C57E6}, No Action By User, [165], [325241],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\SPDFRMON.EXE, No Action By User, [1130], [329818],1.0.2469
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PC Optimizer Pro64 startups, No Action By User, [165], [325245],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SPDFRMON.EXE, No Action By User, [1130], [329818],1.0.2469

Registry Value: 6
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\SPDFRMON.EXE|APPID, No Action By User, [1130], [329818],1.0.2469
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{39AB884F-54F0-448A-A596-F2FD011C57E6}|PATH, No Action By User, [165], [325241],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\CLASSES\APPID\SPDFRMON.EXE|APPID, No Action By User, [1130], [329818],1.0.2469
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB, No Action By User, [165], [411376],1.0.2469
PUP.Optional.PCOptimizerPro, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\COMPATIBILITYADAPTER\SIGNATURES|PC OPTIMIZER PRO64 STARTUPS.JOB.FP, No Action By User, [165], [411376],1.0.2469
PUP.Optional.SpeedItUp, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SPDFRMON.EXE|APPID, No Action By User, [1130], [329818],1.0.2469

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Ja si to taky myslim, že nezbude přeinstalovat OS.

Folder: 0
(No malicious items detected)

File: 4
PUP.Optional.SpeedItUp, C:\PROGRAMDATA\SPDS90.TXT, No Action By User, [1130], [329815],1.0.2469
PUP.Optional.APNToolBar, C:\USERS\VIVEK\DOWNLOADS\ATUBECATCHER.EXE, No Action By User, [6268], [76243],1.0.2469
PUP.Optional.PCOptimizerPro, C:\WINDOWS\TASKS\PC Optimizer Pro64 startups.job, No Action By User, [165], [325247],1.0.2469
PUP.Optional.PCOptimizerPro, C:\WINDOWS\SYSTEM32\TASKS\PC Optimizer Pro64 startups, No Action By User, [165], [325246],1.0.2469

Physical Sector: 0
(No malicious items detected)


(end)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#12 Příspěvek od Rudy »

Smažte všechny nálezy MBAM.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

ViVek
Návštěvník
Návštěvník
Příspěvky: 15
Registrován: 27 čer 2015 17:50

Re: Kontrola logu

#13 Příspěvek od ViVek »

Smazáno, nenastala žádná změna, průzkumník stále nepracuje při kopírování tak jak má. Chystám se na reinstalaci OS. Děkuji za pomoc a váš čas.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118198
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Kontrola logu

#14 Příspěvek od Rudy »

Ještě můžete zkusit obnvou systému k datu, kdy korektně fungoval.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět