
Choppy loading in Chrome

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

#1 Post by PureHate44 »

Hi. Lately I've been having a problem with the G.Ch... browser again. It freezes for a few seconds and then starts up again...
It happens quite often :-(

Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2017-11-04 12:08:57
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (9%) free of 200 GB
Total RAM: 4095 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:09:01, on 4. 11. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\OkayFreedom\Notifier.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [OKAYFREEDOM Notifier] "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [OKAYFREEDOM_Agent] "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BWMeter Connections Service (BWMeterConSvc) - Unknown owner - C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OkayFreedom VPN Starter Service - Steganos Software GmbH - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9044 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
taskeng.exe {6C184FD0-89E1-4BDB-8D2F-AC7FB68B48D6}
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\OkayFreedom\Notifier.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe" /scan
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "http://jp.iobit.com/rd/driverbooster_popup_free_current"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.75 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fede2f27e8,0x7fede2f27a8,0x7fede2f27b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1208 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --service-request-channel-token=568C5D41137AA5C252E7855ECEC7DB3D --mojo-platform-channel-handle=1156 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=F1D0631D38121048B633189A88B36EE7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F1D0631D38121048B633189A88B36EE7 --renderer-client-id=4 --mojo-platform-channel-handle=2368 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=1A08BECDE8F5DAF092FAFDD894E8A2FB --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1A08BECDE8F5DAF092FAFDD894E8A2FB --renderer-client-id=7 --mojo-platform-channel-handle=3808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=530DDA12D981BD9151AEA6DC6C8E3570 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=530DDA12D981BD9151AEA6DC6C8E3570 --renderer-client-id=22 --mojo-platform-channel-handle=7212 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=61E4724E565B9885E26DF0C19DEA0697 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=61E4724E565B9885E26DF0C19DEA0697 --renderer-client-id=35 --mojo-platform-channel-handle=4860 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=CB5AC33DD4AA109AA0F91501CFBE9A9E --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=CB5AC33DD4AA109AA0F91501CFBE9A9E --renderer-client-id=46 --mojo-platform-channel-handle=3372 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=DAC209B703A471BDB15990404DDFFA4B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=DAC209B703A471BDB15990404DDFFA4B --renderer-client-id=47 --mojo-platform-channel-handle=4308 /prefetch:1

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=E06987FE24065FD14D616C9271F88B53 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=E06987FE24065FD14D616C9271F88B53 --renderer-client-id=51 --mojo-platform-channel-handle=5336 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=D8A028DBB9712E074163EFA1E0E432AA --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D8A028DBB9712E074163EFA1E0E432AA --renderer-client-id=54 --mojo-platform-channel-handle=6376 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1152,16534233808742779873,787300250541141694,131072 --service-pipe-token=15534F025FBD6B842093C9CB3323A633 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=15534F025FBD6B842093C9CB3323A633 --renderer-client-id=55 --mojo-platform-channel-handle=3720 /prefetch:1
"C:\Users\Peter\Downloads\RSITx64 (2).exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22 527928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22 453688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
"WinUpdat"=wscript.exe //B C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2017-11-03 324216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2017-10-03 4035696]
"Spotify Web Helper"=C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]
"uTorrent"=C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]
"OKAYFREEDOM_Agent"=C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent]
C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe [2016-12-12 5021888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM Notifier]
C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM_Agent]
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe [2017-10-30 20791408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk]
C:\Users\Peter\AppData\Local\Facebook\Games\FACEBO~2.EXE [2017-08-22 564088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM Notifier"=C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-02 19:05:42 ----D---- C:\Users\Peter\AppData\Roaming\Steganos Updates
2017-11-01 15:32:18 ----D---- C:\Windows\pss
2017-10-29 16:56:38 ----A---- C:\Windows\ntbtlog.txt
2017-10-22 12:38:49 ----D---- C:\Program Files (x86)\AVG
2017-10-22 12:38:15 ----HD---- C:\ProgramData\Common Files
2017-10-22 12:38:15 ----D---- C:\ProgramData\Avg
2017-10-22 12:32:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-22 12:30:48 ----D---- C:\Program Files (x86)\MSECache
2017-10-22 09:47:17 ----D---- C:\Program Files (x86)\OkayFreedom
2017-10-13 17:38:32 ----D---- C:\Users\Peter\AppData\Roaming\cef3-cache
2017-10-13 17:38:08 ----D---- C:\Users\Peter\AppData\Roaming\bwincom
2017-10-12 02:09:13 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-11 18:10:47 ----A---- C:\Windows\system32\mshtml.dll
2017-10-11 18:10:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-11 18:10:44 ----A---- C:\Windows\system32\ieframe.dll
2017-10-11 18:10:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-11 18:10:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-11 18:10:42 ----A---- C:\Windows\system32\jscript9.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\win32k.sys
2017-10-11 18:10:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\tquery.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-11 18:10:40 ----A---- C:\Windows\system32\iertutil.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\mf.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 18:10:36 ----A---- C:\Windows\system32\mfps.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\gdi32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\ntdll.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\webcheck.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\icaapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\certcli.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\vbscript.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\smss.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\kerberos.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-11 18:10:32 ----A---- C:\Windows\system32\mssrch.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\ieui.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\advapi32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\schannel.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssvp.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssph.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\msrating.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\kernel32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wow64win.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\winsrv.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wdigest.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\srcore.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\occache.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\wow64.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\sspicli.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\lsass.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\inseng.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\iesetup.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-11 18:10:29 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\conhost.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\secur32.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\rstrui.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-11 18:10:28 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\msshooks.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\auditpol.exe
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-11 18:10:26 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\adtschema.dll
2017-10-11 18:10:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-07 16:20:27 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2017-10-07 16:20:26 ----DC---- C:\Windows\system32\DRVSTORE
2017-10-07 16:20:26 ----D---- C:\Program Files\DIFX
2017-10-06 17:17:03 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2017-10-05 15:35:53 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2017-10-05 15:35:50 ----D---- C:\Program Files (x86)\Bignox
2017-10-05 15:34:26 ----D---- C:\Program Files (x86)\Nox

======List of files/folders modified in the last 1 month======

2017-11-04 12:09:01 ----D---- C:\Windows\Temp
2017-11-04 12:09:00 ----D---- C:\Program Files\trend micro
2017-11-04 11:40:00 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-04 11:04:31 ----D---- C:\Users\Peter\AppData\Roaming\DMCache
2017-11-04 09:21:23 ----D---- C:\Windows\system32\config
2017-11-04 09:05:13 ----D---- C:\Users\Peter\AppData\Roaming\Charles
2017-11-04 09:02:25 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2017-11-04 08:10:16 ----D---- C:\Windows
2017-11-03 11:19:31 ----D---- C:\Windows\Prefetch
2017-11-03 11:19:14 ----SHD---- C:\System Volume Information
2017-11-03 11:16:59 ----D---- C:\Windows\system32\DriverStore
2017-11-03 11:16:59 ----D---- C:\Windows\inf
2017-11-02 04:20:17 ----D---- C:\ProgramData\ProductData
2017-11-01 15:36:30 ----D---- C:\Windows\system32\Tasks
2017-10-31 16:53:12 ----D---- C:\Users\Peter\AppData\Roaming\Spotify
2017-10-29 17:21:36 ----D---- C:\Windows\system32\NDF
2017-10-29 16:58:58 ----D---- C:\Windows\debug
2017-10-29 16:54:45 ----D---- C:\Windows\Logs
2017-10-29 11:37:49 ----D---- C:\Windows\System32
2017-10-29 11:37:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-28 17:04:31 ----D---- C:\Users\Peter\AppData\Roaming\IDM
2017-10-28 17:03:18 ----D---- C:\Program Files\CCleaner
2017-10-28 14:47:17 ----SHD---- C:\Windows\Installer
2017-10-27 20:32:33 ----D---- C:\Windows\SysWOW64
2017-10-27 20:32:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-27 20:32:21 ----D---- C:\Windows\system32\Macromed
2017-10-23 03:59:38 ----RD---- C:\Program Files
2017-10-23 03:23:27 ----D---- C:\Program Files (x86)\TeamViewer
2017-10-22 19:34:47 ----D---- C:\Users\Peter\AppData\Roaming\Steganos
2017-10-22 13:01:48 ----D---- C:\Users\Peter\AppData\Roaming\TeamViewer
2017-10-22 13:01:48 ----D---- C:\Program Files (x86)\Internet Download Manager
2017-10-22 13:01:45 ----D---- C:\Windows\system32\sysprep
2017-10-22 13:01:34 ----D---- C:\Windows\Tasks
2017-10-22 12:39:35 ----D---- C:\Windows\winsxs
2017-10-22 12:38:49 ----RD---- C:\Program Files (x86)
2017-10-22 12:38:15 ----HD---- C:\ProgramData
2017-10-22 12:35:46 ----SD---- C:\Users\Peter\AppData\Roaming\Microsoft
2017-10-17 18:22:11 ----D---- C:\Windows\system32\catroot2
2017-10-12 03:28:51 ----D---- C:\Windows\rescache
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\migration
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-12 02:29:19 ----D---- C:\Program Files\Internet Explorer
2017-10-12 02:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-12 02:29:17 ----D---- C:\Windows\system32\sk-SK
2017-10-12 02:29:17 ----D---- C:\Windows\system32\migration
2017-10-12 02:29:17 ----D---- C:\Windows\system32\en-US
2017-10-12 02:29:17 ----D---- C:\Windows\system32\drivers
2017-10-12 02:29:16 ----D---- C:\Windows\system32\Boot
2017-10-12 02:29:16 ----D---- C:\Windows\AppPatch
2017-10-12 02:20:03 ----D---- C:\Windows\Microsoft.NET
2017-10-12 02:13:36 ----D---- C:\Windows\system32\MRT
2017-10-12 02:09:06 ----AC---- C:\Windows\system32\MRT.exe
2017-10-12 02:06:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-08 14:53:51 ----AD---- C:\Program Files (x86)\BlueStacks
2017-10-08 14:49:04 ----D---- C:\AdwCleaner
2017-10-05 15:36:09 ----D---- C:\Windows\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2017-03-09 30744]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv; C:\Windows\system32\drivers\adgnetworkwfpdrv.sys [2017-03-27 70384]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dsnpfd;DeskSoft LightWeight Filter; C:\Windows\system32\DRIVERS\dsnpfd.sys [2017-02-22 37576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-11-03 132848]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-11-03 180088]
R1 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2017-11-03 77736]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-11-26 27552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2017-10-05 144656]
R1 YSDrv;VBox Support Driver; \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [2017-10-05 270608]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2017-08-05 225568]
R3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtultrascsibus.sys [2017-01-25 30264]
R3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\system32\DRIVERS\dtultrausbbus.sys [2017-01-25 47672]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-08-08 32840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2016-11-26 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-20 197408]
R3 P17;SB 5.1 VX; C:\Windows\system32\drivers\P17.sys [2016-11-26 1309696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-12-03 129152]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-22 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-22 47672]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [2009-08-07 23112]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-11-26 33960]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-12-14 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2017-10-05 131856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 BWMeterConSvc;BWMeter Connections Service; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [2017-02-22 126976]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2017-11-03 2648184]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [2017-11-02 355336]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-28 10216688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-27 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2016-11-26 79360]
S3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2016-12-12 4854464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-29 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [2015-03-17 73200]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-06-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Choppy loading in Chrome

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan<, then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Choppy loading in Chrome

#3 Post by PureHate44 »

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 04 11:32:32 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 7 Professional (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted: Driver Booster Scheduler


***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fd06d23-1810-464b-b9c5-b92c28776962}_is1


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [2700 B] - [2016/4/30 12:6:27]
C:/AdwCleaner/AdwCleaner[C2].txt - [2283 B] - [2016/9/10 18:20:6]
C:/AdwCleaner/AdwCleaner[C3].txt - [5437 B] - [2016/11/18 20:8:58]
C:/AdwCleaner/AdwCleaner[C4].txt - [10900 B] - [2016/11/22 18:30:52]
C:/AdwCleaner/AdwCleaner[C5].txt - [2009 B] - [2016/12/29 18:54:56]
C:/AdwCleaner/AdwCleaner[C6].txt - [2170 B] - [2017/6/11 19:43:2]
C:/AdwCleaner/AdwCleaner[S10].txt - [2153 B] - [2017/1/20 13:27:12]
C:/AdwCleaner/AdwCleaner[S11].txt - [2458 B] - [2017/6/11 19:42:51]
C:/AdwCleaner/AdwCleaner[S1].txt - [2775 B] - [2016/4/30 12:3:52]
C:/AdwCleaner/AdwCleaner[S3].txt - [2338 B] - [2016/9/10 18:19:39]
C:/AdwCleaner/AdwCleaner[S4].txt - [5264 B] - [2016/11/18 20:6:1]
C:/AdwCleaner/AdwCleaner[S5].txt - [13560 B] - [2016/11/22 18:25:30]
C:/AdwCleaner/AdwCleaner[S6].txt - [13582 B] - [2016/11/22 18:29:2]
C:/AdwCleaner/AdwCleaner[S7].txt - [1398 B] - [2015/3/25 20:32:4]
C:/AdwCleaner/AdwCleaner[S8].txt - [2363 B] - [2015/4/18 11:58:43]
C:/AdwCleaner/AdwCleaner[S9].txt - [2144 B] - [2016/12/29 18:54:39]


########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt ##########
Last edited by PureHate44 on 04 Nov 2017 12:35, edited 1 time in total.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Choppy loading in Chrome

#4 Post by PureHate44 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2017-11-04 12:35:56
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (9%) free of 200 GB
Total RAM: 4095 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:36:02, on 4. 11. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
C:\Program Files (x86)\OkayFreedom\Notifier.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [OKAYFREEDOM Notifier] "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [OKAYFREEDOM_Agent] "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BWMeter Connections Service (BWMeterConSvc) - Unknown owner - C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OkayFreedom VPN Starter Service - Steganos Software GmbH - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9093 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskeng.exe {AEA89864-70A8-42C2-BAA6-80A57D2D47D6}
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
taskeng.exe {5B962505-F8BD-435B-976D-9F29A0C12343}
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe"
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
"C:\Program Files (x86)\OkayFreedom\Notifier.exe"
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[C6].txt
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.75 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fee30a27e8,0x7fee30a27a8,0x7fee30a27b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3516 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --service-request-channel-token=BFC12D15C8CD2315E6B896175ADB24B4 --mojo-platform-channel-handle=1136 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=6542EB2F1737062BBBF99BF4A3241DD7 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=6542EB2F1737062BBBF99BF4A3241DD7 --renderer-client-id=4 --mojo-platform-channel-handle=2708 /prefetch:1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=2E3C3647E66868BA7132FA53434E8FC9 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=2E3C3647E66868BA7132FA53434E8FC9 --renderer-client-id=11 --mojo-platform-channel-handle=4280 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=1F6CA0DF26C5A60F490219E33F64BC32 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1F6CA0DF26C5A60F490219E33F64BC32 --renderer-client-id=13 --mojo-platform-channel-handle=4808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=D4BBC3A63D9C575B925FC452DE560812 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D4BBC3A63D9C575B925FC452DE560812 --renderer-client-id=10 --mojo-platform-channel-handle=5376 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=AFA09A35ED37CF788CE9F59259C8574B --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=AFA09A35ED37CF788CE9F59259C8574B --renderer-client-id=9 --mojo-platform-channel-handle=5492 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=5CA4CF1F37D924594CB641321A43DC75 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=5CA4CF1F37D924594CB641321A43DC75 --renderer-client-id=12 --mojo-platform-channel-handle=5892 /prefetch:1
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=877C0459141C4FA29C94CFFE4ACC6C71 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=877C0459141C4FA29C94CFFE4ACC6C71 --renderer-client-id=8 --mojo-platform-channel-handle=6528 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1120,9839026132029280779,13768302024602282032,131072 --service-pipe-token=1323FE533C2782C9E4670954530E1F52 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1323FE533C2782C9E4670954530E1F52 --renderer-client-id=14 --mojo-platform-channel-handle=4356 /prefetch:1
"C:\Users\Peter\Downloads\RSITx64 (2).exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

=========Mozilla firefox=========

ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22 527928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22 453688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
"WinUpdat"=wscript.exe //B C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2017-11-03 324216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2017-10-03 4035696]
"Spotify Web Helper"=C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]
"uTorrent"=C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]
"OKAYFREEDOM_Agent"=C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent]
C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe [2016-12-12 5021888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM Notifier]
C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM_Agent]
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe [2017-10-30 20791408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk]
C:\Users\Peter\AppData\Local\Facebook\Games\FACEBO~2.EXE [2017-08-22 564088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM Notifier"=C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-02 19:05:42 ----D---- C:\Users\Peter\AppData\Roaming\Steganos Updates
2017-11-01 15:32:18 ----D---- C:\Windows\pss
2017-10-29 16:56:38 ----A---- C:\Windows\ntbtlog.txt
2017-10-22 12:38:49 ----D---- C:\Program Files (x86)\AVG
2017-10-22 12:38:15 ----HD---- C:\ProgramData\Common Files
2017-10-22 12:38:15 ----D---- C:\ProgramData\Avg
2017-10-22 12:32:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-22 12:30:48 ----D---- C:\Program Files (x86)\MSECache
2017-10-22 09:47:17 ----D---- C:\Program Files (x86)\OkayFreedom
2017-10-13 17:38:32 ----D---- C:\Users\Peter\AppData\Roaming\cef3-cache
2017-10-13 17:38:08 ----D---- C:\Users\Peter\AppData\Roaming\bwincom
2017-10-12 02:09:13 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-11 18:10:47 ----A---- C:\Windows\system32\mshtml.dll
2017-10-11 18:10:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-11 18:10:44 ----A---- C:\Windows\system32\ieframe.dll
2017-10-11 18:10:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-11 18:10:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-11 18:10:42 ----A---- C:\Windows\system32\jscript9.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\win32k.sys
2017-10-11 18:10:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\tquery.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-11 18:10:40 ----A---- C:\Windows\system32\iertutil.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\mf.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 18:10:36 ----A---- C:\Windows\system32\mfps.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\gdi32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\ntdll.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\webcheck.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\icaapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\certcli.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\vbscript.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\smss.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\kerberos.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-11 18:10:32 ----A---- C:\Windows\system32\mssrch.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\ieui.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\advapi32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\schannel.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssvp.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssph.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\msrating.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\kernel32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wow64win.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\winsrv.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wdigest.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\srcore.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\occache.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\wow64.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\sspicli.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\lsass.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\inseng.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\iesetup.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-11 18:10:29 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\conhost.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\secur32.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\rstrui.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-11 18:10:28 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\msshooks.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\auditpol.exe
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-11 18:10:26 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\adtschema.dll
2017-10-11 18:10:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-07 16:20:27 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2017-10-07 16:20:26 ----DC---- C:\Windows\system32\DRVSTORE
2017-10-07 16:20:26 ----D---- C:\Program Files\DIFX
2017-10-06 17:17:03 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2017-10-05 15:35:53 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2017-10-05 15:35:50 ----D---- C:\Program Files (x86)\Bignox
2017-10-05 15:34:26 ----D---- C:\Program Files (x86)\Nox

======List of files/folders modified in the last 1 month======

2017-11-04 12:35:59 ----D---- C:\Program Files\trend micro
2017-11-04 12:35:30 ----D---- C:\Windows\Temp
2017-11-04 12:34:01 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2017-11-04 12:32:40 ----D---- C:\Windows\system32\config
2017-11-04 12:27:05 ----D---- C:\AdwCleaner
2017-11-04 11:40:00 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-04 11:04:31 ----D---- C:\Users\Peter\AppData\Roaming\DMCache
2017-11-04 09:05:13 ----D---- C:\Users\Peter\AppData\Roaming\Charles
2017-11-04 08:10:16 ----D---- C:\Windows
2017-11-03 11:19:31 ----D---- C:\Windows\Prefetch
2017-11-03 11:19:14 ----SHD---- C:\System Volume Information
2017-11-03 11:16:59 ----D---- C:\Windows\system32\DriverStore
2017-11-03 11:16:59 ----D---- C:\Windows\inf
2017-11-02 04:20:17 ----D---- C:\ProgramData\ProductData
2017-11-01 15:36:30 ----D---- C:\Windows\system32\Tasks
2017-10-31 16:53:12 ----D---- C:\Users\Peter\AppData\Roaming\Spotify
2017-10-29 17:21:36 ----D---- C:\Windows\system32\NDF
2017-10-29 16:58:58 ----D---- C:\Windows\debug
2017-10-29 16:54:45 ----D---- C:\Windows\Logs
2017-10-29 11:37:49 ----D---- C:\Windows\System32
2017-10-29 11:37:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-28 17:04:31 ----D---- C:\Users\Peter\AppData\Roaming\IDM
2017-10-28 17:03:18 ----D---- C:\Program Files\CCleaner
2017-10-28 14:47:17 ----SHD---- C:\Windows\Installer
2017-10-27 20:32:33 ----D---- C:\Windows\SysWOW64
2017-10-27 20:32:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-27 20:32:21 ----D---- C:\Windows\system32\Macromed
2017-10-23 03:59:38 ----RD---- C:\Program Files
2017-10-23 03:23:27 ----D---- C:\Program Files (x86)\TeamViewer
2017-10-22 19:34:47 ----D---- C:\Users\Peter\AppData\Roaming\Steganos
2017-10-22 13:01:48 ----D---- C:\Users\Peter\AppData\Roaming\TeamViewer
2017-10-22 13:01:48 ----D---- C:\Program Files (x86)\Internet Download Manager
2017-10-22 13:01:45 ----D---- C:\Windows\system32\sysprep
2017-10-22 13:01:34 ----D---- C:\Windows\Tasks
2017-10-22 12:39:35 ----D---- C:\Windows\winsxs
2017-10-22 12:38:49 ----RD---- C:\Program Files (x86)
2017-10-22 12:38:15 ----HD---- C:\ProgramData
2017-10-22 12:35:46 ----SD---- C:\Users\Peter\AppData\Roaming\Microsoft
2017-10-17 18:22:11 ----D---- C:\Windows\system32\catroot2
2017-10-12 03:28:51 ----D---- C:\Windows\rescache
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\migration
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-12 02:29:19 ----D---- C:\Program Files\Internet Explorer
2017-10-12 02:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-12 02:29:17 ----D---- C:\Windows\system32\sk-SK
2017-10-12 02:29:17 ----D---- C:\Windows\system32\migration
2017-10-12 02:29:17 ----D---- C:\Windows\system32\en-US
2017-10-12 02:29:17 ----D---- C:\Windows\system32\drivers
2017-10-12 02:29:16 ----D---- C:\Windows\system32\Boot
2017-10-12 02:29:16 ----D---- C:\Windows\AppPatch
2017-10-12 02:20:03 ----D---- C:\Windows\Microsoft.NET
2017-10-12 02:13:36 ----D---- C:\Windows\system32\MRT
2017-10-12 02:09:06 ----AC---- C:\Windows\system32\MRT.exe
2017-10-12 02:06:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-08 14:53:51 ----AD---- C:\Program Files (x86)\BlueStacks
2017-10-05 15:36:09 ----D---- C:\Windows\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2017-03-09 30744]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv; C:\Windows\system32\drivers\adgnetworkwfpdrv.sys [2017-03-27 70384]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dsnpfd;DeskSoft LightWeight Filter; C:\Windows\system32\DRIVERS\dsnpfd.sys [2017-02-22 37576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-11-03 132848]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-11-03 180088]
R1 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2017-11-03 77736]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-11-26 27552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2017-10-05 144656]
R1 YSDrv;VBox Support Driver; \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [2017-10-05 270608]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2017-08-05 225568]
R3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtultrascsibus.sys [2017-01-25 30264]
R3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\system32\DRIVERS\dtultrausbbus.sys [2017-01-25 47672]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-08-08 32840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2016-11-26 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-20 197408]
R3 P17;SB 5.1 VX; C:\Windows\system32\drivers\P17.sys [2016-11-26 1309696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-12-03 129152]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-22 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-22 47672]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [2009-08-07 23112]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-11-26 33960]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-12-14 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2017-10-05 131856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 BWMeterConSvc;BWMeter Connections Service; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [2017-02-22 126976]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2017-11-03 2648184]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [2017-11-02 355336]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-28 10216688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-27 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2016-11-26 79360]
S3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2016-12-12 4854464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-29 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [2015-03-17 73200]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-06-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Choppy loading in Chrome

#5 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to your desktop. Run it and copy the following into the left window:
:files
C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"WinUpdat"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Choppy loading in Chrome

#6 Post by PureHate44 »

All processes killed
========== FILES ==========
File/Folder C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinUpdat not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Peter
->Temp folder emptied: 76804188 bytes
->Temporary Internet Files folder emptied: 403910 bytes
->FireFox cache emptied: 510626 bytes
->Google Chrome cache emptied: 238886332 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 207996033 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 500,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Peter
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb


OTM by OldTimer - Version 3.1.21.0 log created on 11042017_153045

Files moved on Reboot...
File C:\Users\Peter\AppData\Local\Temp\_tc\Old Firm - Last Kind\04. Old Firm ‎ - Moja rodina (My family).mp3 not found!
File move failed. C:\Users\Peter\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\b9928bf7aa10148369087e55f224ad6b_fce8394c8fd8a807_6229ccd76215aea1_0_0.bin scheduled to be moved on reboot.
File move failed. C:\Users\Peter\AppData\Local\Temp\NVIDIA Corporation\NV_Cache\b9928bf7aa10148369087e55f224ad6b_fce8394c8fd8a807_6229ccd76215aea1_0_0.toc scheduled to be moved on reboot.
C:\Users\Peter\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Choppy loading in Chrome

#7 Post by PureHate44 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Peter at 2017-11-04 15:43:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 18 GB (9%) free of 200 GB
Total RAM: 4095 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:43:08, on 4. 11. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
C:\Program Files (x86)\OkayFreedom\Notifier.exe
C:\Users\Peter\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
C:\Program Files\trend micro\Peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [OKAYFREEDOM Notifier] "C:\Program Files (x86)\OkayFreedom\Notifier.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [OKAYFREEDOM_Agent] "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stiahnuť s IDM všetky prepojenia - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" (file missing)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BWMeter Connections Service (BWMeterConSvc) - Unknown owner - C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OkayFreedom VPN Starter Service - Steganos Software GmbH - C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9223 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe"
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
taskeng.exe {7709FE35-8C55-4CE5-8657-7FD7EEFB9789}
"C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe" /STARTUP
"C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" /onboot
"C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe" --autostart
"C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
"C:\Program Files (x86)\OkayFreedom\Notifier.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Peter\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {51705368-707C-4420-99AA-3A4643677153}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Peter\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=62.0.3202.75 --initial-client-data=0x80,0x84,0x88,0x7c,0x8c,0x7fee3c127e8,0x7fee3c127a8,0x7fee3c127b8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3728 --on-initialized-event-handle=312 --parent-handle=316 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1160,11233472699941550551,5502322769638561526,131072 --gpu-vendor-id=0x10de --gpu-device-id=0x0a65 --gpu-driver-vendor=NVIDIA --gpu-driver-version=21.21.13.4201 --gpu-driver-date=11-14-2016 --service-request-channel-token=9AFBD8AC63A25BE6D6DCE79EC5F73DA9 --mojo-platform-channel-handle=1192 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,11233472699941550551,5502322769638561526,131072 --service-pipe-token=F272A7D92B1CA5E8E5C54C7EB3C9E995 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F272A7D92B1CA5E8E5C54C7EB3C9E995 --renderer-client-id=4 --mojo-platform-channel-handle=2700 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1160,11233472699941550551,5502322769638561526,131072 --service-pipe-token=D0C3BDA330A5D52B97D5FA9C7D9712C1 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D0C3BDA330A5D52B97D5FA9C7D9712C1 --renderer-client-id=9 --mojo-platform-channel-handle=4708 /prefetch:1
"C:\Users\Peter\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.183 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22 527928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22 453688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-02-20 1793736]
"WinUpdat"=wscript.exe //B C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs []
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [2017-11-03 324216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2017-10-03 4035696]
"Spotify Web Helper"=C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]
"uTorrent"=C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]
"OKAYFREEDOM_Agent"=C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent]
C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe [2016-12-12 5021888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM Notifier]
C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM_Agent]
C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [2017-11-02 6429176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify]
C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe [2017-10-30 20791408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017-10-30 777840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2017-05-12 2469376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk]
C:\Users\Peter\AppData\Local\Facebook\Games\FACEBO~2.EXE [2017-08-22 564088]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM Notifier"=C:\Program Files (x86)\OkayFreedom\Notifier.exe [2017-11-02 4188152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\xchat\xchat.exe"="C:\Program Files (x86)\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-11-02 19:05:42 ----D---- C:\Users\Peter\AppData\Roaming\Steganos Updates
2017-11-01 15:32:18 ----D---- C:\Windows\pss
2017-10-29 16:56:38 ----A---- C:\Windows\ntbtlog.txt
2017-10-22 12:38:49 ----D---- C:\Program Files (x86)\AVG
2017-10-22 12:38:15 ----HD---- C:\ProgramData\Common Files
2017-10-22 12:38:15 ----D---- C:\ProgramData\Avg
2017-10-22 12:32:13 ----D---- C:\Program Files (x86)\Microsoft Office
2017-10-22 12:30:48 ----D---- C:\Program Files (x86)\MSECache
2017-10-22 09:47:17 ----D---- C:\Program Files (x86)\OkayFreedom
2017-10-13 17:38:32 ----D---- C:\Users\Peter\AppData\Roaming\cef3-cache
2017-10-13 17:38:08 ----D---- C:\Users\Peter\AppData\Roaming\bwincom
2017-10-12 02:09:13 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2017-10-11 18:10:47 ----A---- C:\Windows\system32\mshtml.dll
2017-10-11 18:10:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2017-10-11 18:10:44 ----A---- C:\Windows\system32\ieframe.dll
2017-10-11 18:10:43 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2017-10-11 18:10:42 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2017-10-11 18:10:42 ----A---- C:\Windows\system32\jscript9.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\wininet.dll
2017-10-11 18:10:41 ----A---- C:\Windows\system32\win32k.sys
2017-10-11 18:10:40 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\urlmon.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\tquery.dll
2017-10-11 18:10:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2017-10-11 18:10:40 ----A---- C:\Windows\system32\iertutil.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\tquery.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\SYSWOW64\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\rdpcore.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\Query.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\mf.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\jscript.dll
2017-10-11 18:10:39 ----A---- C:\Windows\system32\drivers\ntfs.sys
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2017-10-11 18:10:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\msfeeds.dll
2017-10-11 18:10:38 ----A---- C:\Windows\system32\drivers\srv.sys
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\mf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\msctf.dll
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\nwifi.sys
2017-10-11 18:10:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\wlansec.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\t2embed.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 18:10:36 ----A---- C:\Windows\system32\mfps.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\iedkcs32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\gdi32.dll
2017-10-11 18:10:36 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\SYSWOW64\mswstr10.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanmsm.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanhlp.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\wlanapi.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\themeui.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\ntdll.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\MshtmlDac.dll
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\srv2.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2017-10-11 18:10:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\msjint40.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\SYSWOW64\certcli.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\wlansvc.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\webcheck.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\mshtmled.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\icaapi.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\dxtrans.dll
2017-10-11 18:10:34 ----A---- C:\Windows\system32\certcli.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfps.dll
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\vbscript.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\smss.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rrinstaller.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\rpcrt4.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\mfpmp.exe
2017-10-11 18:10:33 ----A---- C:\Windows\system32\lsasrv.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\kerberos.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\ieapfltr.dll
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\srvnet.sys
2017-10-11 18:10:33 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2017-10-11 18:10:32 ----A---- C:\Windows\system32\mssrch.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\ieui.dll
2017-10-11 18:10:32 ----A---- C:\Windows\system32\advapi32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\schannel.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssvp.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\mssph.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\msrating.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\kernel32.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\jscript9diag.dll
2017-10-11 18:10:31 ----A---- C:\Windows\system32\dxtmsft.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2017-10-11 18:10:30 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wow64win.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\winsrv.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\wdigest.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\TSpkg.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\srcore.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\occache.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\ncrypt.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\msv1_0.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\KernelBase.dll
2017-10-11 18:10:30 ----A---- C:\Windows\system32\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\occache.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\wow64.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\sspicli.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\rpchttp.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssprxy.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssphtb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\mssitlb.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\lsass.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\inseng.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieUnatt.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\iesetup.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\ieetwproxystub.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2017-10-11 18:10:29 ----A---- C:\Windows\system32\csrsrv.dll
2017-10-11 18:10:29 ----A---- C:\Windows\system32\conhost.exe
2017-10-11 18:10:29 ----A---- C:\Windows\system32\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssph.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\inseng.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2017-10-11 18:10:28 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\wow64cpu.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\sspisrv.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\srclient.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\setbcdlocale.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\secur32.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\SearchIndexer.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\rstrui.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\msscntrs.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\iernonce.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ieetwcollector.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\ie4uinit.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\drivers\appid.sys
2017-10-11 18:10:28 ----A---- C:\Windows\system32\cryptbase.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidsvc.dll
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 18:10:28 ----A---- C:\Windows\system32\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\secur32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\SearchFilterHost.exe
2017-10-11 18:10:27 ----A---- C:\Windows\system32\ntvdm64.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\msshooks.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\credssp.dll
2017-10-11 18:10:27 ----A---- C:\Windows\system32\auditpol.exe
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10:26 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\wow32.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2017-10-11 18:10:26 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2017-10-11 18:10:26 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10:25 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\user.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\instnm.exe
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msobjs.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\msaudite.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\apisetschema.dll
2017-10-11 18:10:23 ----A---- C:\Windows\system32\adtschema.dll
2017-10-11 18:10:22 ----A---- C:\Windows\SYSWOW64\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\mferror.dll
2017-10-11 18:10:22 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2017-10-07 16:20:27 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2017-10-07 16:20:26 ----DC---- C:\Windows\system32\DRVSTORE
2017-10-07 16:20:26 ----D---- C:\Program Files\DIFX
2017-10-06 17:17:03 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2017-10-05 15:35:53 ----A---- C:\Windows\system32\drivers\VBoxUSB.sys
2017-10-05 15:35:50 ----D---- C:\Program Files (x86)\Bignox
2017-10-05 15:34:26 ----D---- C:\Program Files (x86)\Nox

======List of files/folders modified in the last 1 month======

2017-11-04 15:43:08 ----D---- C:\Windows\Prefetch
2017-11-04 15:43:08 ----D---- C:\Program Files\trend micro
2017-11-04 15:43:07 ----D---- C:\Windows\Temp
2017-11-04 15:40:00 ----D---- C:\Windows\SYSWOW64\Macromed
2017-11-04 15:38:32 ----D---- C:\Users\Peter\AppData\Roaming\uTorrent
2017-11-04 15:31:20 ----D---- C:\Windows\system32\config
2017-11-04 15:28:25 ----D---- C:\Users\Peter\AppData\Roaming\IDM
2017-11-04 13:56:39 ----D---- C:\Users\Peter\AppData\Roaming\Charles
2017-11-04 12:27:05 ----D---- C:\AdwCleaner
2017-11-04 11:04:31 ----D---- C:\Users\Peter\AppData\Roaming\DMCache
2017-11-04 08:10:16 ----D---- C:\Windows
2017-11-03 11:19:14 ----SHD---- C:\System Volume Information
2017-11-03 11:16:59 ----D---- C:\Windows\system32\DriverStore
2017-11-03 11:16:59 ----D---- C:\Windows\inf
2017-11-02 04:20:17 ----D---- C:\ProgramData\ProductData
2017-11-01 15:36:30 ----D---- C:\Windows\system32\Tasks
2017-10-31 16:53:12 ----D---- C:\Users\Peter\AppData\Roaming\Spotify
2017-10-29 17:21:36 ----D---- C:\Windows\system32\NDF
2017-10-29 16:58:58 ----D---- C:\Windows\debug
2017-10-29 16:54:45 ----D---- C:\Windows\Logs
2017-10-29 11:37:49 ----D---- C:\Windows\System32
2017-10-29 11:37:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-10-28 17:03:18 ----D---- C:\Program Files\CCleaner
2017-10-28 14:47:17 ----SHD---- C:\Windows\Installer
2017-10-27 20:32:33 ----D---- C:\Windows\SysWOW64
2017-10-27 20:32:26 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2017-10-27 20:32:21 ----D---- C:\Windows\system32\Macromed
2017-10-23 03:59:38 ----RD---- C:\Program Files
2017-10-23 03:23:27 ----D---- C:\Program Files (x86)\TeamViewer
2017-10-22 19:34:47 ----D---- C:\Users\Peter\AppData\Roaming\Steganos
2017-10-22 13:01:48 ----D---- C:\Users\Peter\AppData\Roaming\TeamViewer
2017-10-22 13:01:48 ----D---- C:\Program Files (x86)\Internet Download Manager
2017-10-22 13:01:45 ----D---- C:\Windows\system32\sysprep
2017-10-22 13:01:34 ----D---- C:\Windows\Tasks
2017-10-22 12:39:35 ----D---- C:\Windows\winsxs
2017-10-22 12:38:49 ----RD---- C:\Program Files (x86)
2017-10-22 12:38:15 ----HD---- C:\ProgramData
2017-10-22 12:35:46 ----SD---- C:\Users\Peter\AppData\Roaming\Microsoft
2017-10-17 18:22:11 ----D---- C:\Windows\system32\catroot2
2017-10-12 03:28:51 ----D---- C:\Windows\rescache
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\sk-SK
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\migration
2017-10-12 02:29:19 ----D---- C:\Windows\SYSWOW64\en-US
2017-10-12 02:29:19 ----D---- C:\Program Files\Internet Explorer
2017-10-12 02:29:19 ----D---- C:\Program Files (x86)\Internet Explorer
2017-10-12 02:29:17 ----D---- C:\Windows\system32\sk-SK
2017-10-12 02:29:17 ----D---- C:\Windows\system32\migration
2017-10-12 02:29:17 ----D---- C:\Windows\system32\en-US
2017-10-12 02:29:17 ----D---- C:\Windows\system32\drivers
2017-10-12 02:29:16 ----D---- C:\Windows\system32\Boot
2017-10-12 02:29:16 ----D---- C:\Windows\AppPatch
2017-10-12 02:20:03 ----D---- C:\Windows\Microsoft.NET
2017-10-12 02:13:36 ----D---- C:\Windows\system32\MRT
2017-10-12 02:09:06 ----AC---- C:\Windows\system32\MRT.exe
2017-10-12 02:06:56 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2017-10-08 14:53:51 ----AD---- C:\Program Files (x86)\BlueStacks
2017-10-05 15:36:09 ----D---- C:\Windows\Registration

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2017-03-09 30744]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 adgnetworkwfpdrv;adgnetworkwfpdrv; C:\Windows\system32\drivers\adgnetworkwfpdrv.sys [2017-03-27 70384]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dsnpfd;DeskSoft LightWeight Filter; C:\Windows\system32\DRIVERS\dsnpfd.sys [2017-02-22 37576]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-11-03 132848]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-11-03 180088]
R1 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2017-11-03 77736]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-11-26 27552]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2017-10-05 144656]
R1 YSDrv;VBox Support Driver; \??\C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [2017-10-05 270608]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2017-08-05 225568]
R3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtultrascsibus.sys [2017-01-25 30264]
R3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\Windows\system32\DRIVERS\dtultrausbbus.sys [2017-01-25 47672]
R3 ETDSMBus;ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [2017-08-08 32840]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2016-11-26 15416]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-02-20 197408]
R3 P17;SB 5.1 VX; C:\Windows\system32\drivers\P17.sys [2016-11-26 1309696]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-12-03 129152]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2016-12-22 30264]
S3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus; C:\Windows\system32\DRIVERS\dtliteusbbus.sys [2016-12-22 47672]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [2009-08-07 23112]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2016-11-26 33960]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-12-14 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 tap0901;TAP-Windows Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2017-10-05 131856]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
R2 BWMeterConSvc;BWMeter Connections Service; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [2017-02-22 126976]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [2008-11-18 307200]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2017-11-03 2648184]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
R2 OkayFreedom VPN Starter Service;OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [2017-11-02 355336]
R2 TeamViewer;TeamViewer 12; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-28 10216688]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-27 272384]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2016-11-26 79360]
S3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2016-12-12 4854464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-26 153752]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-09-07 116224]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-09-29 175568]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [2015-03-17 73200]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2017-06-10 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stuttering page loading in Chrome

#8 Post by Rudy »

OTM did not delete anything. Please also post a FRST log: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Stuttering page loading in Chrome

#9 Post by PureHate44 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2017
Ran by Peter (administrator) on PETER-PC (05-11-2017 08:04:42)
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
() C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe
(Spotify Ltd) C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(BitTorrent Inc.) C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\Notifier.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() C:\Users\Peter\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation)
HKLM\...\Run: [WinUpdat] => wscript.exe //B "C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs" <==== ATTENTION
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmdS.exe [324216 2017-11-03] (ESET)
HKLM-x32\...\Run: [OKAYFREEDOM Notifier] => C:\Program Files (x86)\OkayFreedom\Notifier.exe [4188152 2017-11-02] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4035696 2017-10-03] (Tonec Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [Spotify Web Helper] => C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-10-30] (Spotify Ltd)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [uTorrent] => C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe [2469376 2017-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Run: [OKAYFREEDOM_Agent] => C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe [6429176 2017-11-02] (Steganos Software GmbH)
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Policies\system: [EnableLUA] 1
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8b2-c74d-11e6-8a47-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8bc-c74d-11e6-8a47-001e8c60ef64} - F:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {bb2bfff0-e78b-11e6-8be4-001e8c60ef64} - F:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {f5f5342f-e38d-11e6-8c80-001e8c60ef64} - E:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d2-e143-11e6-b30e-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d4-e143-11e6-b30e-001e8c60ef64} - F:\m.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-11-27] (Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1762337417-2231521048-3039012980-1000] => http=127.0.0.1:8888;https=127.0.0.1:8888
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{198A64C8-8290-44FF-AFFC-CC0451C43693}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1762337417-2231521048-3039012980-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-09-22] (Internet Download Manager, Tonec Inc.)

FireFox:
========
FF DefaultProfile: o6yasy6y.default-1506712320144
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144 [2017-11-01]
FF Extension: (OkayFreedom) - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\o6yasy6y.default-1506712320144\Extensions\{DB981CCA-088E-4731-A4A2-2FE218703C0E}.xpi [2017-04-11]
FF HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (No Name) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-10-06]
FF HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Peter\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Peter\AppData\Roaming\IDM\idmmzcc5 [2017-09-03] [not signed]
FF HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-27] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1762337417-2231521048-3039012980-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Peter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://search.searchytdvta.com/s?remove=remove&query={searchTerms}
CHR Profile: C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default [2017-11-05]
CHR Extension: (Prezentácie) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-20]
CHR Extension: (YouTube) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-20]
CHR Extension: (Adblock Plus) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Who Deleted Me - Unfriend Finder) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiepnnbjenknnjgabbodaihlnkkpkgll [2017-08-04]
CHR Extension: (Tabuľky) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-20]
CHR Extension: (Save to Facebook) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-10-06]
CHR HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-10-06]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BWMeterConSvc; C:\Program Files (x86)\BWMeter\BWMeterConSvc.exe [126976 2017-02-22] () [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2016-11-26] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [File not signed]
S3 Disc Soft Ultra Bus Service; C:\Users\Peter\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [4854464 2016-12-12] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2648184 2017-11-03] (ESET)
R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [355336 2017-11-02] (Steganos Software GmbH)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\RpcAgentSrv.exe [73200 2015-03-17] (SiSoftware) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [70384 2017-03-27] ()
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-12-03] (Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-12-22] (Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-12-22] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2017-01-25] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2017-01-25] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-11-03] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2017-11-03] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77736 2017-11-03] (ESET)
R3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-08] (ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-11-26] (REALiX(tm))
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2016-11-26] ()
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015.SP1a\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33960 2016-11-26] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [221824 2016-12-14] (Samsung Electronics Co., Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [131856 2017-10-05] (BigNox Corporation)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [144656 2017-10-05] (BigNox Corporation)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [270608 2017-10-05] (BigNox Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-05 08:04 - 2017-11-05 08:05 - 000015825 _____ C:\Users\Peter\Desktop\FRST.txt
2017-11-05 08:03 - 2017-11-05 08:00 - 002403328 _____ (Farbar) C:\Users\Peter\Desktop\FRST64.exe
2017-11-05 08:02 - 2017-11-05 08:02 - 000112640 _____ (forum.viry.cz) C:\Users\Peter\Desktop\FRSTLauncher.exe
2017-11-05 08:00 - 2017-11-05 08:04 - 000000000 ____D C:\FRST
2017-11-05 07:59 - 2017-11-05 08:00 - 002403328 _____ (Farbar) C:\Users\Peter\Downloads\FRST64.exe
2017-11-04 15:28 - 2017-11-04 15:28 - 000522240 _____ (OldTimer Tools) C:\Users\Peter\Desktop\OTM.exe
2017-11-04 12:26 - 2017-11-04 12:26 - 008261584 _____ (Malwarebytes) C:\Users\Peter\Downloads\adwcleaner_7.0.4.0.exe
2017-11-04 12:08 - 2017-11-04 12:08 - 001222144 _____ C:\Users\Peter\Downloads\RSITx64 (2).exe
2017-11-03 18:05 - 2017-11-03 18:05 - 000001077 _____ C:\Users\Public\Desktop\OkayFreedom.lnk
2017-11-02 19:05 - 2017-11-02 19:05 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Steganos Updates
2017-11-01 16:38 - 2017-11-01 16:38 - 000723152 _____ (Spotify Ltd) C:\Users\Peter\Downloads\SpotifySetup (2).exe
2017-11-01 16:01 - 2017-11-01 16:03 - 043293679 _____ C:\Users\Peter\Desktop\Spotify-8.4.25.771-Mod-arm-iHackedit.com.apk
2017-11-01 15:57 - 2017-11-01 15:58 - 000723152 _____ (Spotify Ltd) C:\Users\Peter\Downloads\SpotifySetup (1).exe
2017-11-01 15:38 - 2017-08-30 21:39 - 000504832 _____ C:\Users\Peter\Downloads\patch.exe
2017-11-01 15:35 - 2017-11-01 15:37 - 000002284 _____ C:\Users\Public\Desktop\Driver Booster 5.lnk
2017-11-01 15:35 - 2017-11-01 15:35 - 000000000 ____D C:\Users\Peter\Downloads\IObit Driver Booster Pro 5.0.3.402
2017-11-01 15:35 - 2017-11-01 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
2017-11-01 15:32 - 2017-11-01 15:32 - 000000000 ____D C:\Windows\pss
2017-11-01 15:31 - 2017-11-01 15:32 - 018468419 ____R C:\Users\Peter\Downloads\IObit Driver Booster Pro 5.0.3.402.rar
2017-11-01 15:31 - 2017-11-01 15:31 - 000006117 _____ C:\Users\Peter\Downloads\[CzT]IObit_Driver_Booster_Pro_v_5_0_3_402_CZ_SK_.torrent
2017-10-29 16:56 - 2017-10-29 16:56 - 000057300 _____ C:\Windows\ntbtlog.txt
2017-10-29 07:35 - 2017-10-28 08:44 - 001913856 _____ (Cyber Terminators) C:\Users\Peter\Desktop\CTMT-4.0.0.0.exe
2017-10-28 17:03 - 2017-10-28 17:03 - 000003872 _____ C:\Windows\System32\Tasks\CCleaner Update
2017-10-28 14:26 - 2017-10-28 14:26 - 003817818 _____ C:\Users\Peter\Downloads\PSSR_20171027_164619.mp4
2017-10-28 12:21 - 2017-10-28 12:21 - 000019893 _____ C:\Users\Peter\Downloads\[CzT]The_Flash_S04E03_Luck_Be_A_Lady_TvRip_720p_.torrent
2017-10-28 09:04 - 2017-10-28 09:06 - 632641050 ____R C:\Users\Peter\Downloads\cc.17.09.30.karolina.6124[N1C].mp4
2017-10-28 09:03 - 2017-10-28 09:03 - 000012556 _____ C:\Users\Peter\Downloads\[CzT]CzechCasting_Karolina_6124_30_9_2017_CZ_1080p_.torrent
2017-10-22 19:08 - 2017-10-23 03:53 - 000000000 ____D C:\Users\Peter\AppData\Local\Seed4Me
2017-10-22 19:06 - 2017-10-22 19:07 - 010575176 _____ C:\Users\Peter\Downloads\seed4me-vpn-1.0.16.exe
2017-10-22 12:38 - 2017-10-23 03:58 - 000000000 ____D C:\ProgramData\Avg
2017-10-22 12:38 - 2017-10-23 03:58 - 000000000 ____D C:\Program Files (x86)\AVG
2017-10-22 12:38 - 2017-10-23 03:57 - 000000000 ____D C:\Users\Peter\AppData\Local\AvgSetupLog
2017-10-22 12:38 - 2017-10-22 12:42 - 000000000 ____D C:\Users\Peter\AppData\Local\Avg
2017-10-22 12:32 - 2017-10-22 12:32 - 000002671 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Word Viewer 2003.lnk
2017-10-22 12:32 - 2017-10-22 12:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-22 12:30 - 2017-10-22 12:30 - 025780720 _____ (Microsoft Corporation) C:\Users\Peter\Downloads\wordview_sk-sk.exe
2017-10-22 12:30 - 2017-10-22 12:30 - 000000000 ____D C:\Program Files (x86)\MSECache
2017-10-22 10:05 - 2017-10-28 12:32 - 000000000 ____D C:\Users\Peter\Downloads\Flash 4
2017-10-22 10:04 - 2017-10-22 10:05 - 000019512 _____ C:\Users\Peter\Downloads\[CzT]The_Flash_S04E02_Mixed_Signals_TvRip_720p_.torrent
2017-10-22 09:47 - 2017-11-03 18:06 - 000000000 ____D C:\Program Files (x86)\OkayFreedom
2017-10-22 09:47 - 2017-11-03 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom
2017-10-20 17:41 - 2017-10-20 17:41 - 000020490 _____ C:\Users\Peter\Downloads\[CzT]Lucifer_S03E03_Mr_Mrs_Mazikeen_Smith_2017_TvRip_720p_.torrent
2017-10-20 17:39 - 2017-10-28 12:33 - 000000000 ____D C:\Users\Peter\Downloads\Lucifer
2017-10-20 17:38 - 2017-10-20 17:38 - 000017769 _____ C:\Users\Peter\Downloads\[CzT]Lucifer_S03E02_The_One_With_The_Baby_Carrot_2017_TvRip_720p_.torrent
2017-10-20 06:47 - 2017-10-28 12:31 - 000000000 ____D C:\Users\Peter\Downloads\Arrow 4.seria
2017-10-20 06:47 - 2017-10-20 06:47 - 000018864 _____ C:\Users\Peter\Downloads\[CzT]Arrow_S06E02_Tribute_TvRip_720p_.torrent
2017-10-14 13:03 - 2017-10-14 13:04 - 010204932 _____ C:\Users\Peter\Downloads\LDOE_1.5.8_Modded_Data_by_GodisAGamer.zip
2017-10-14 10:29 - 2017-10-14 10:29 - 000000000 ____D C:\Users\Peter\Downloads\Gotham
2017-10-14 10:28 - 2017-10-14 10:28 - 000017813 _____ C:\Users\Peter\Downloads\[CzT]Gotham_S04E03_A_Dark_Knight_They_Who_Hide_Behind_Masks_TvRip_720p_.torrent
2017-10-14 10:27 - 2017-10-14 10:27 - 000014343 _____ C:\Users\Peter\Downloads\[CzT]Legends_of_Tomorrow_S03E01_Aruba_Con_TvRip_720p_ (1).torrent
2017-10-14 10:27 - 2017-10-14 10:27 - 000014342 _____ C:\Users\Peter\Downloads\[CzT]Legends_of_Tomorrow_S03E01_Aruba_Con_TvRip_720p_.torrent
2017-10-14 10:27 - 2017-10-14 10:27 - 000000000 ____D C:\Users\Peter\Downloads\Legends of tommorow
2017-10-14 10:26 - 2017-10-14 10:26 - 000010934 _____ C:\Users\Peter\Downloads\[CzT]The_Flash_S04E01_The_Flash_Reborn_TvRip_720p_.torrent
2017-10-14 10:25 - 2017-10-14 10:25 - 000011144 _____ C:\Users\Peter\Downloads\[CzT]Arrow_S06E01_Fallout_TvRip_720p_.torrent
2017-10-13 17:38 - 2017-10-13 17:38 - 000000000 ____D C:\Users\Peter\AppData\Roaming\cef3-cache
2017-10-13 17:38 - 2017-10-13 17:38 - 000000000 ____D C:\Users\Peter\AppData\Roaming\bwincom
2017-10-13 17:37 - 2017-10-13 17:37 - 000001655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\bwin Poker.lnk
2017-10-13 17:37 - 2017-10-13 17:37 - 000001649 _____ C:\Users\Peter\Desktop\bwin Poker.lnk
2017-10-13 17:37 - 2017-10-13 17:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker
2017-10-13 17:34 - 2017-10-13 17:35 - 000722168 _____ C:\Users\Peter\Downloads\bwincomPokerSetup.exe
2017-10-12 02:09 - 2017-10-12 02:09 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-11 18:10 - 2017-09-13 16:33 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-10-11 18:10 - 2017-09-13 16:32 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-11 18:10 - 2017-09-13 16:32 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-10-11 18:10 - 2017-09-13 16:32 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-11 18:10 - 2017-09-13 16:32 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-11 18:10 - 2017-09-13 16:31 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000886272 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-10-11 18:10 - 2017-09-13 16:28 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:27 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:13 - 004001512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-10-11 18:10 - 2017-09-13 16:13 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-10-11 18:10 - 2017-09-13 16:10 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000830464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-10-11 18:10 - 2017-09-13 16:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:08 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 16:05 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-11 18:10 - 2017-09-13 16:00 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-10-11 18:10 - 2017-09-13 16:00 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-10-11 18:10 - 2017-09-13 16:00 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-10-11 18:10 - 2017-09-13 16:00 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-10-11 18:10 - 2017-09-13 15:57 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-10-11 18:10 - 2017-09-13 15:56 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-10-11 18:10 - 2017-09-13 15:53 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-11 18:10 - 2017-09-13 15:53 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-10-11 18:10 - 2017-09-13 15:53 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-11 18:10 - 2017-09-13 15:52 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-10-11 18:10 - 2017-09-13 15:52 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-11 18:10 - 2017-09-13 15:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-10-11 18:10 - 2017-09-13 15:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-10-11 18:10 - 2017-09-13 15:46 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-10-11 18:10 - 2017-09-13 15:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-10-11 18:10 - 2017-09-13 15:46 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-10-11 18:10 - 2017-09-09 01:45 - 000395984 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-10-11 18:10 - 2017-09-09 00:47 - 000347344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-10-11 18:10 - 2017-09-08 16:34 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-11 18:10 - 2017-09-08 16:30 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 002058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-10-11 18:10 - 2017-09-08 16:30 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-10-11 18:10 - 2017-09-08 16:14 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-11 18:10 - 2017-09-08 16:13 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-11 18:10 - 2017-09-08 16:13 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-10-11 18:10 - 2017-09-08 16:10 - 001549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-11 18:10 - 2017-09-08 16:10 - 001363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-10-11 18:10 - 2017-09-08 16:10 - 000312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-10-11 18:10 - 2017-09-08 16:10 - 000109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-10-11 18:10 - 2017-09-08 16:09 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-10-11 18:10 - 2017-09-08 16:00 - 003222016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-10-11 18:10 - 2017-09-08 16:00 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-11 18:10 - 2017-09-08 16:00 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-11 18:10 - 2017-09-08 15:59 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-10-11 18:10 - 2017-09-08 15:59 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-10-11 18:10 - 2017-09-08 15:20 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-11 18:10 - 2017-09-08 15:20 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-11 18:10 - 2017-09-08 15:20 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-11 18:10 - 2017-09-07 22:38 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-10-11 18:10 - 2017-09-07 22:37 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-10-11 18:10 - 2017-09-07 22:19 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-10-11 18:10 - 2017-09-07 22:18 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-10-11 18:10 - 2017-09-07 22:18 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-10-11 18:10 - 2017-09-07 22:17 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-10-11 18:10 - 2017-09-07 22:17 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-10-11 18:10 - 2017-09-07 22:15 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-10-11 18:10 - 2017-09-07 22:08 - 025729536 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-11 18:10 - 2017-09-07 22:08 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-10-11 18:10 - 2017-09-07 22:07 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-10-11 18:10 - 2017-09-07 22:02 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-10-11 18:10 - 2017-09-07 22:01 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-11 18:10 - 2017-09-07 22:01 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-10-11 18:10 - 2017-09-07 22:01 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-10-11 18:10 - 2017-09-07 22:00 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-11 18:10 - 2017-09-07 21:52 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-10-11 18:10 - 2017-09-07 21:48 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-10-11 18:10 - 2017-09-07 21:40 - 005982208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-11 18:10 - 2017-09-07 21:39 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-10-11 18:10 - 2017-09-07 21:38 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-10-11 18:10 - 2017-09-07 21:37 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-10-11 18:10 - 2017-09-07 21:33 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-10-11 18:10 - 2017-09-07 21:32 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-10-11 18:10 - 2017-09-07 21:29 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-10-11 18:10 - 2017-09-07 21:27 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-10-11 18:10 - 2017-09-07 21:13 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-10-11 18:10 - 2017-09-07 21:10 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-10-11 18:10 - 2017-09-07 21:10 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-10-11 18:10 - 2017-09-07 21:08 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-10-11 18:10 - 2017-09-07 21:08 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-10-11 18:10 - 2017-09-07 20:44 - 015262720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-11 18:10 - 2017-09-07 20:40 - 003240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-11 18:10 - 2017-09-07 20:27 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-10-11 18:10 - 2017-09-07 20:27 - 001548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-11 18:10 - 2017-09-07 20:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-10-11 18:10 - 2017-09-07 20:11 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-10-11 18:10 - 2017-09-07 20:10 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-10-11 18:10 - 2017-09-07 20:10 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-10-11 18:10 - 2017-09-07 20:10 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-10-11 18:10 - 2017-09-07 20:09 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-10-11 18:10 - 2017-09-07 20:04 - 020267008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-11 18:10 - 2017-09-07 20:03 - 002292736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-10-11 18:10 - 2017-09-07 20:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-10-11 18:10 - 2017-09-07 20:02 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-10-11 18:10 - 2017-09-07 19:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-10-11 18:10 - 2017-09-07 19:58 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-11 18:10 - 2017-09-07 19:58 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-10-11 18:10 - 2017-09-07 19:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-10-11 18:10 - 2017-09-07 19:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-10-11 18:10 - 2017-09-07 19:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-10-11 18:10 - 2017-09-07 19:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-10-11 18:10 - 2017-09-07 19:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-10-11 18:10 - 2017-09-07 19:40 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-10-11 18:10 - 2017-09-07 19:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-10-11 18:10 - 2017-09-07 19:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-10-11 18:10 - 2017-09-07 19:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-10-11 18:10 - 2017-09-07 19:29 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-11 18:10 - 2017-09-07 19:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-10-11 18:10 - 2017-09-07 19:26 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-10-11 18:10 - 2017-09-07 19:25 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-10-11 18:10 - 2017-09-07 19:25 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-10-11 18:10 - 2017-09-07 19:17 - 013677568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-11 18:10 - 2017-09-07 19:01 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-11 18:10 - 2017-09-07 18:57 - 001316864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-11 18:10 - 2017-09-07 18:57 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-10-11 18:10 - 2017-09-07 16:31 - 002851328 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2017-10-11 18:10 - 2017-09-07 16:12 - 002755072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2017-10-11 18:10 - 2017-09-07 15:55 - 000461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-11 18:10 - 2017-09-07 15:55 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-11 18:10 - 2017-09-07 15:55 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-10-11 18:10 - 2017-08-19 16:28 - 004121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2017-10-11 18:10 - 2017-08-19 16:28 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-11 18:10 - 2017-08-19 16:28 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2017-10-11 18:10 - 2017-08-19 16:10 - 003209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2017-10-11 18:10 - 2017-08-19 16:10 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2017-10-11 18:10 - 2017-08-19 16:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2017-10-11 18:10 - 2017-08-19 16:08 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2017-10-11 18:10 - 2017-08-19 16:08 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2017-10-11 18:10 - 2017-08-19 15:57 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2017-10-11 18:10 - 2017-08-19 15:57 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2017-10-11 18:10 - 2017-08-14 18:35 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-10-11 18:10 - 2017-08-14 18:35 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2017-10-11 18:10 - 2017-08-14 18:35 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2017-10-11 18:10 - 2017-08-13 22:45 - 000040448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2017-10-08 19:44 - 2017-10-08 19:44 - 011124892 _____ C:\Users\Peter\Desktop\LDOE 1.6.2 MOD SAVE DATA V2 By BadError.zip
2017-10-08 19:40 - 2017-10-08 19:40 - 000000000 ____D C:\Users\Peter\AppData\Local\MultiPlayerManager
2017-10-08 13:49 - 2017-10-08 13:55 - 1056565563 _____ C:\Users\Peter\Downloads\Lucifer.S03E01.720p.HDTV.X264-DIMENSION.mkv
2017-10-08 13:34 - 2017-10-08 13:34 - 001222144 _____ C:\Users\Peter\Downloads\RSITx64 (1).exe
2017-10-07 16:20 - 2017-10-07 16:20 - 000000000 ____D C:\Program Files\DIFX
2017-10-07 16:20 - 2017-10-05 15:35 - 000144656 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2017-10-06 17:17 - 2017-08-05 17:26 - 000225568 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-05 08:03 - 2017-04-23 10:20 - 000000000 ____D C:\Users\Peter\AppData\Roaming\uTorrent
2017-11-05 07:58 - 2016-12-10 15:10 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Charles
2017-11-05 07:27 - 2009-07-14 05:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-05 07:27 - 2009-07-14 05:45 - 000025760 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-05 07:26 - 2016-11-27 21:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-11-05 07:16 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-04 23:41 - 2017-09-03 12:24 - 000000000 ____D C:\Users\Peter\AppData\Roaming\DMCache
2017-11-04 15:43 - 2016-12-27 14:19 - 000000000 ____D C:\Program Files\trend micro
2017-11-04 15:28 - 2017-09-03 12:24 - 000000000 ____D C:\Users\Peter\AppData\Roaming\IDM
2017-11-04 12:27 - 2015-03-25 21:30 - 000000000 ____D C:\AdwCleaner
2017-11-03 11:17 - 2017-03-01 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker
2017-11-03 11:16 - 2016-12-13 17:11 - 000180088 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2017-11-03 11:16 - 2016-12-13 17:11 - 000132848 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2017-11-03 11:16 - 2016-12-13 17:11 - 000077736 _____ (ESET) C:\Windows\system32\Drivers\epfwwfpr.sys
2017-11-03 11:16 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2017-11-02 04:20 - 2017-06-11 20:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-02 00:30 - 2017-10-05 15:34 - 000000000 ____D C:\Users\Peter\AppData\Local\Nox
2017-11-01 16:02 - 2017-10-05 15:41 - 000000000 ____D C:\Users\Peter\.android
2017-11-01 16:01 - 2017-10-05 15:40 - 000000000 ____D C:\Users\Peter\vmlogs
2017-11-01 16:01 - 2017-10-05 15:36 - 000000000 ____D C:\Users\Peter\.BigNox
2017-11-01 15:36 - 2017-10-01 08:50 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Peter)
2017-11-01 09:01 - 2017-07-27 10:27 - 000003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1762337417-2231521048-3039012980-1000
2017-11-01 09:01 - 2017-03-22 14:45 - 000002164 _____ C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2017-11-01 09:01 - 2017-03-22 14:45 - 000000000 ___RD C:\Users\Peter\OneDrive
2017-10-31 17:38 - 2016-12-05 13:17 - 000000000 ____D C:\Users\Peter\AppData\Local\Spotify
2017-10-31 16:53 - 2016-12-05 13:17 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Spotify
2017-10-31 09:08 - 2016-11-26 16:16 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-31 09:08 - 2016-11-26 16:16 - 000002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-29 17:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2017-10-29 17:00 - 2016-11-26 16:20 - 000000000 ____D C:\Users\Peter\AppData\Local\ElevatedDiagnostics
2017-10-29 15:18 - 2016-12-13 16:34 - 000003606 _____ C:\Windows\System32\Tasks\AutoKMS
2017-10-29 15:02 - 2009-07-14 06:08 - 000032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-29 12:20 - 2016-11-26 19:50 - 000000000 ____D C:\Users\Peter\AppData\LocalLow\Mozilla
2017-10-29 11:37 - 2009-07-14 06:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-28 17:03 - 2017-09-21 17:26 - 000002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-10-28 17:03 - 2016-11-27 17:03 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-28 17:03 - 2016-11-27 17:03 - 000000000 ____D C:\Program Files\CCleaner
2017-10-28 14:47 - 2017-07-24 19:51 - 000001166 _____ C:\Users\Peter\Desktop\Facebook Gameroom.lnk
2017-10-28 14:47 - 2017-07-24 19:51 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-10-28 14:46 - 2016-11-26 19:51 - 000000000 ____D C:\Users\Peter\AppData\Local\Facebook
2017-10-28 14:41 - 2017-09-07 04:13 - 000000000 ____D C:\Users\Peter\Downloads\Compressed
2017-10-27 20:32 - 2017-03-29 17:17 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-27 20:32 - 2016-12-03 10:57 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-27 20:32 - 2016-11-27 21:03 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-27 20:32 - 2016-11-27 21:03 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-27 20:32 - 2016-11-27 21:03 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-23 03:23 - 2016-12-13 16:01 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-22 19:34 - 2017-08-10 17:44 - 000000000 ____D C:\Users\Peter\AppData\Roaming\Steganos
2017-10-22 13:01 - 2017-09-03 12:24 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2017-10-22 13:01 - 2017-01-19 16:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2017-10-22 13:01 - 2016-12-13 16:01 - 000000000 ____D C:\Users\Peter\AppData\Roaming\TeamViewer
2017-10-22 13:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2017-10-13 17:37 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-12 03:28 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2017-10-12 02:32 - 2009-07-14 05:45 - 000416472 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-12 02:13 - 2016-11-26 16:30 - 000000000 ____D C:\Windows\system32\MRT
2017-10-12 02:09 - 2016-11-26 16:30 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-12 02:06 - 2016-11-26 19:21 - 000765656 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-10-08 19:53 - 2017-10-05 15:40 - 000000000 ____D C:\Users\Peter\Nox_share
2017-10-08 14:53 - 2017-08-27 14:36 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-10-08 13:55 - 2017-02-24 14:14 - 000000000 ____D C:\Users\Peter\Downloads\Subs

==================== Files in the root of some directories =======

2002-08-29 18:33 - 2002-08-29 18:33 - 000319488 ____R () C:\Users\Peter\AppData\Roaming\MafiaSetup.exe
2016-11-26 16:41 - 2017-02-21 17:38 - 014438400 _____ () C:\Users\Peter\AppData\Roaming\Sandra.mdb
2017-01-14 17:58 - 2017-01-20 16:37 - 000007597 _____ () C:\Users\Peter\AppData\Local\Resmon.ResmonCfg
2017-01-19 16:47 - 2017-01-19 16:47 - 000000424 _____ () C:\Users\Peter\AppData\Local\UserProducts.xml
2017-07-05 16:58 - 2017-07-05 16:58 - 000000257 _____ () C:\ProgramData\fontcacheev1.dat

Files to move or delete:
====================
C:\ProgramData\fontcacheev1.dat


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Peter\Desktop" je 16093 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent
"C:\Users\Peter\DAEMON Tools Ultra\DTAgent.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM Notifier
"C:\Program Files (x86)\OkayFreedom\Notifier.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OKAYFREEDOM_Agent
"C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify
"C:\Users\Peter\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper
"C:\Users\Peter\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent
"C:\Users\Peter\AppData\Roaming\uTorrent\uTorrent.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Gameroom.lnk
C:\Users\Peter\AppData\Local\Facebook\Games\FACEBO~2.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\\Program Files (x86)\\xchat\\xchat.exe"="C:\\Program Files (x86)\\xchat\\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(7.99 KiB) Downloaded 43 times

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stuttering page loading in Chrome

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [WinUpdat] => wscript.exe //B "C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs" <==== ATTENTION
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8b2-c74d-11e6-8a47-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8bc-c74d-11e6-8a47-001e8c60ef64} - F:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {bb2bfff0-e78b-11e6-8be4-001e8c60ef64} - F:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {f5f5342f-e38d-11e6-8c80-001e8c60ef64} - E:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d2-e143-11e6-b30e-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d4-e143-11e6-b30e-001e8c60ef64} - F:\m.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\fontcacheev1.dat

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

From the log:
Velikost slozky "C:\Users\Peter\Desktop" je 16093 MB.
That is too much and may be slowing down system startup. In C:\Users\Peter, create a new folder and move all data from the desktop into it (except shortcuts). Then put a shortcut to that folder on the desktop for easier access.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Stuttering page loading in Chrome

#11 Post by PureHate44 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-11-2017
Ran by Peter (05-11-2017 11:36:58) Run:1
Running from C:\Users\Peter\Desktop
Loaded Profiles: Peter (Available Profiles: Peter)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [WinUpdat] => wscript.exe //B "C:\Users\Peter\AppData\Local\Temp\WinUpdat.vbs" <==== ATTENTION
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8b2-c74d-11e6-8a47-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {946eb8bc-c74d-11e6-8a47-001e8c60ef64} - F:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {bb2bfff0-e78b-11e6-8be4-001e8c60ef64} - F:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {f5f5342f-e38d-11e6-8c80-001e8c60ef64} - E:\MafiaLauncher.EXE
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d2-e143-11e6-b30e-001e8c60ef64} - E:\m.exe
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\...\MountPoints2: {fdbcd4d4-e143-11e6-b30e-001e8c60ef64} - F:\m.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\fontcacheev1.dat

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\WinUpdat => value removed successfully
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946eb8b2-c74d-11e6-8a47-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{946eb8b2-c74d-11e6-8a47-001e8c60ef64} => key not found.
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{946eb8bc-c74d-11e6-8a47-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{946eb8bc-c74d-11e6-8a47-001e8c60ef64} => key not found.
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb2bfff0-e78b-11e6-8be4-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{bb2bfff0-e78b-11e6-8be4-001e8c60ef64} => key not found.
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5f5342f-e38d-11e6-8c80-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{f5f5342f-e38d-11e6-8c80-001e8c60ef64} => key not found.
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdbcd4d2-e143-11e6-b30e-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{fdbcd4d2-e143-11e6-b30e-001e8c60ef64} => key not found.
HKU\S-1-5-21-1762337417-2231521048-3039012980-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fdbcd4d4-e143-11e6-b30e-001e8c60ef64} => key removed successfully
HKLM\Software\Classes\CLSID\{fdbcd4d4-e143-11e6-b30e-001e8c60ef64} => key not found.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
C:\ProgramData\fontcacheev1.dat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8067510 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 236 B
Edge => 0 B
Chrome => 459230722 B
Firefox => 624529 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 39910 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33058 B
systemprofile32 => 49555 B
LocalService => 132244 B
NetworkService => 7898 B
Peter => 9276443 B

RecycleBin => 0 B
EmptyTemp: => 463.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:37:21 ====

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stuttering page loading in Chrome

#12 Post by Rudy »

OK. Has anything changed?

PureHate44
Visitor
Posts: 154
Registered: 28 Jun 2011 17:49

Re: Stuttering page loading in Chrome

#13 Post by PureHate44 »

Sure.... It's much better :-) :wink: Thank you :)

Rudy
Site Admin
Posts: 118270
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Stuttering page loading in Chrome

#14 Post by Rudy »

You're welcome! :)